CVE-2025-50196

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vchamilo/views/editinstance.php via the POST maindatabase parameter. This issue has been patched in version 1.11.30...

CVE-2025-50188

Chamilo is a learning management system. Prior to version 1.11.30, the application performs insufficient validation of data coming from the user from the GET value parameter with the following scripts: /plugin/vchamilo/views/syncparams.php and /plugin/vchamilo/ajax/service.php, which allows an...

CLEANSTART-2026-AY29369 Redis is an open source, in-memory database that persists on disk

Multiple security vulnerabilities affect the valkey package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...

CLEANSTART-2026-CQ83284 Redis is an open source, in-memory database that persists on disk

Multiple security vulnerabilities affect the valkey package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...

CLEANSTART-2026-YP32652 Redis is an open source, in-memory database that persists on disk

Multiple security vulnerabilities affect the valkey package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...

CLEANSTART-2026-BZ70876 Redis is an open source, in-memory database that persists on disk

Multiple security vulnerabilities affect the valkey package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...

SUSE CVE-2026-26190

Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus exposes TCP port 9091 by default, which enables authentication bypasses. The /expr debug endpoint uses a weak, predictable default authentication token derived from etcd.rootPath...

Simplejobscript SQL注入漏洞

Simplejobscript is a free worksheet software developed by Niteosoft. Simplejobscript has a SQL injection vulnerability. This vulnerability stems from the SQL injection in the jobid parameter, which could allow unverified attackers to manipulate database queries, extract sensitive data, or modify...

Simplejobscript SQL注入漏洞

Simplejobscript is a free web development software open source by Niteosoft. Simplejobscript has a SQL injection vulnerability. This vulnerability stems from the appid parameter, which allows for SQL injections. It could enable attackers to manipulate database queries, extract sensitive data,...

PT-2026-22967

A vulnerability in the REST API of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inadequate validation of user-supplied input. An attacker could exploit this vulnerability by sending...

NCrypted Jobgator SQL注入漏洞

NCrypted Jobgator is a recruitment website construction script developed by the US company NCrypted. NCrypted Jobgator has a SQL injection vulnerability, which stems from the experience parameter being susceptible to SQL injections. This vulnerability could allow unverified attackers to manipulat...

PHPads SQL注入漏洞

PHPads is a simple PHP banner advertising script developed by Nile Flores. Version 2.0 of PHPads contains an SQL injection vulnerability, which stems from the bannerID parameter in the click.php3 file. This vulnerability could allow unverified attackers to execute arbitrary SQL queries and extrac...

PT-2026-22958

PHPads 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the bannerID parameter in click.php3. Attackers can submit crafted bannerID values using SQL comment syntax and functions like extractvalue...

PT-2026-22857

The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via the 'workflow ids' parameter in all versions up to, and including, 5.9.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

Ashop Shopping Cart SQL注入漏洞

Ashop Shopping Cart is a e-commerce platform developed by the Ashop company. The Ashop Shopping Cart has a SQL injection vulnerability. This vulnerability stems from the shop parameter being subject to SQL injection attacks, which may allow unverified attackers to manipulate database queries and...

PT-2026-22964

SQL Injection vulnerability in vran-dev databaseir v.1.0.7 and before allows a remote attacker to execute arbitrary code via the query parameter in the search API endpoint...

Simplejobscript SQL注入漏洞

Simplejobscript is a free worksheet software developed by Niteosoft. Simplejobscript has a SQL injection vulnerability, which stems from the employerid parameter being susceptible to SQL injections. This vulnerability could allow unverified attackers to manipulate database queries, extract...

PT-2026-22966

A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inadequate validation of user-supplied input. An attacker could exploit this...

PT-2026-22965

A vulnerability in the REST API of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inadequate validation of user-supplied input. An attacker could exploit this vulnerability by sending...

WordPress plugin JS Help Desk – AI-Powered Support & Ticketing System SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...