CVE-2026-1482

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idevaluacion' in '/evaluacionobjetivosevaluadefinido.aspx', could allow an attacker to...

CVE-2021-31817

When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext...

WordPress Brands for WooCommerce Plugin SQL Injection Vulnerability

WordPress Brands for WooCommerce Plugin is a category of plugins for WordPress websites that specialize in helping WooCommerce online stores manage product brands. WordPress Brands for WooCommerce Plugin suffers from a SQL injection vulnerability that stems from the application's lack of validati...

WordPress ArtPlacer Widget plugin SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A SQL injection vulnerability exists in the WordPress ArtPlacer Widget plugin that stems from the application's lack of validation of externally entered SQL statements. No...

Advantech iView SQL Injection Vulnerability (CNVD-2025-31061)

Advantech iView is a software developed by Advantech for managing B+BSmartWorx series devices through a simple network management protocol. Advantech iView suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter...

QNAP Qsync Central SQL Injection Vulnerability

QNAP Qsync Central is a private cloud synchronization service launched by Weilian QNAP, which is mainly used to achieve real-time synchronization and backup of files between devices, with functions similar to GoogleDrive, Dropbox and other cloud storage services, but with the data stored in the...

Beauty Parlour Management System manage-services.php File SQL Injection Vulnerability

Beauty Parlour Management System is an application system. Beauty Parlour Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter delid in the file /admin/manage-services.php. An attacker can...

EUVD-2021-18692

Malware in sbrugna...

Apache StreamPark SQL Injection Vulnerability

Apache StreamPark is the United States Apache Apache Foundation of a streaming media application development framework. A SQL injection vulnerability exists in Apache StreamPark versions 2.1.4 through 2.1.6 and earlier, which stems from the application's lack of validation of externally entered S...

Travel Management System /updatepackage.php File SQL Injection Vulnerability

Travel Management System is a travel management system. Travel Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in parameter s1 in file /updatepackage.php. An attacker can exploit this vulnerability to execute...

Wazifa System updatesettings.php file SQL injection vulnerability

Wazifa System is a content management system. Wazifa System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Password in the file /controllers/updatesettings.php. An attacker can use this vulnerability to...

WordPress plugin Smart Slider SQL注入漏洞

WordPress Smart Slider plugin is a powerful WordPress plugin that is mainly used to create responsive slideshows/sliders that support images, videos, posts and other forms of content presentation. WordPress Smart Slider plugin suffers from a SQL injection vulnerability that stems from the...

PHPGurukul Car Washing Management System 注入漏洞

Car Washing Management System is a car wash management system. Car Washing Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter wpid in the file /admin/editcar-washpoint.php. An attacker can...

Local Services Search Engine Management System SQL Injection Vulnerability

Local Services Search Engine Management System is a local services search engine management system. Local Services Search Engine Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of the editid parameter in the file...

PHPGurukul Small CRM 注入漏洞

Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter aremark in the file /admin/manage-tickets.php. An attacker can exploit this vulnerability ...

CVE-2021-31816

When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext...

PHPGurukul Park Ticketing Management System 注入漏洞

Park Ticketing Management System is a park ticketing management system. Park Ticketing Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter searchdata in the file /foreigner-search.php. An...

RuvarOA PageID Parameter SQL Injection Vulnerability

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the lack of validation of external SQL statements in the PageID parameter of the /WebUtility/getfindcondiction.aspx file. An attacker can exploit this...

RuvarOA office_missive_id Parameter SQL Injection Vulnerability

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which is caused by the lack of validation of the officemissiveid parameter in the /WorkFlow/wfworkformsave.aspx file against external SQL input. An attacker can exploit this...

PHPGurukul Small CRM 安全漏洞

Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the Users login panel. No details of the vulnerability are available at this time...