CVE-2026-2093
Docpedia (Flowring) has an unauthenticated SQL Injection vulnerability that allows remote attackers to inject arbitrary SQL to read database contents. The issue is triggered via unauthenticated access and can lead to leakage of confidential data (CVE-2026-2093). CVSS metrics provided indicate hig...
CVE-2026-2093 Flowring|Docpedia - SQL Injection
Docpedia developed by Flowring has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2026-2093
Docpedia developed by Flowring has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
Security Bulletin: IBM OpenPages is affected by multiple security vulnerabilities of DB2 Database Server (January 2026)
Summary: IBM® Db2® Database Server is shipped as a supporting program of IBM OpenPages. Information about security vulnerabilities affecting IBM Db2 Database Server has been published in multiple security bulletins. Vulnerability Details: Refer to the security bulletins listed in the...
CVE-2026-0488
An authenticated attacker in SAP CRM and SAP S/4HANA Scripting Editor could exploit a flaw in a generic function module call and execute unauthorized critical functionalities, which includes the ability to execute an arbitrary SQL statement. This leads to a full database compromise with high impa...
CVE-2026-0488
An authenticated attacker in SAP CRM and SAP S/4HANA Scripting Editor could exploit a flaw in a generic function module call and execute unauthorized critical functionalities, which includes the ability to execute an arbitrary SQL statement. This leads to a full database compromise with high impa...
Security Bulletin: Multiple Vulnerabilities have been identified in IBM DB2 shipped with IBM WebSphere Remote Server
Summary: IBM DB2 is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM DB2 has been published in security bulletins. Vulnerability Details: Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and Versions: Affect...
CVE-2026-0488
CVE-2026-0488 affects SAP CRM and SAP S/4HANA (Scripting Editor) via a flaw in a generic function module call that an authenticated attacker can abuse to execute an arbitrary SQL statement. This can lead to full database compromise with high impact to confidentiality, integrity, and availability....
CVE-2026-0488 Code Injection vulnerability in SAP CRM and SAP S/4HANA (Scripting Editor)
An authenticated attacker in SAP CRM and SAP S/4HANA Scripting Editor could exploit a flaw in a generic function module call and execute unauthorized critical functionalities, which includes the ability to execute an arbitrary SQL statement. This leads to a full database compromise with high impa...
[SECURITY] Fedora 43 Update: atuin-18.6.1-10.fc43
Atuin replaces your existing shell history with a SQLite database, and records additional context for your commands. Additionally, it provides optional and fully encrypted synchronization of your history between machines, via an Atuin server...
Flowring Docpedia SQL Injection Vulnerability
Flowring Docpedia is a document management system developed by Flowring Corporation in China. Flowring Docpedia has a SQL injection vulnerability. This vulnerability arises from unvalidated remote attacks, allowing attackers to inject arbitrary SQL commands, potentially leading to the reading of...
Flowring Docpedia SQL Injection Vulnerability
Flowring Docpedia is a document management system developed by Flowring Corporation. Flowring Docpedia has a SQL injection vulnerability. This vulnerability allows authenticated remote attackers to inject arbitrary SQL commands, potentially leading to the reading, modification, or deletion of...
PT-2026-7234
Name of the Vulnerable Software and Affected Versions: Docpedia (affected versions not specified). Description: Docpedia, developed by Flowring, exhibits a SQL Injection issue. This allows attackers who do not need to log in to inject and execute arbitrary SQL commands, potentially leading to...
Worklenz SQL Injection Vulnerability
Worklenz is a project management tool developed under open source in Worklenz. Versions of Worklenz prior to 2.1.7 contained a SQL injection vulnerability. This vulnerability stemmed from multiple SQL injection points in the backend SQL queries, affecting functions such as project task management...
MongoDB Server Security Vulnerability
MongoDB Server is an open-source NoSQL database developed by MongoDB, a company based in the United States. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which ste...
Ivanti Endpoint Manager SQL Injection Vulnerability
Ivanti Endpoint Manager EPM is a set of endpoint security managers developed by the American company Ivanti. Versions of Ivanti Endpoint Manager prior to EPM 2024 SU5 contained a SQL injection vulnerability. This vulnerability allows remote authenticated attackers to access arbitrary data in the...
SAP CRM and SAP S/4HANA Security Vulnerability
SAP CRM and SAP S/4HANA are both products of the German company SAP. SAP CRM is a customer relationship management system. SAP S/4HANA is an enterprise resource management software based on the SAP HANA in-memory database system. There are security vulnerabilities in SAP CRM and SAP S/4HANA. Thes...
PT-2026-7235
Name of the Vulnerable Software and Affected Versions: Docpedia (affected versions not specified). Description: Docpedia developed by Flowring has a SQL Injection issue. Authenticated remote attackers can inject arbitrary SQL commands, potentially allowing them to read, modify, and delete database...
PT-2026-7327
Name of the Vulnerable Software and Affected Versions: Worklenz versions prior to 2.1.7. Description: Worklenz, a project management tool, contains multiple SQL injection flaws in its backend SQL query construction. These flaws affect project and task management controllers, reporting and financial...
PT-2026-7256
Name of the Vulnerable Software and Affected Versions: Simcenter Femap versions prior to 2512; Simcenter Nastran versions prior to 2512. Description: The software is susceptible to a heap-based buffer overflow when processing specifically designed NDB files. Successful exploitation of this issue coul...