30 matches found
Opencart Divido - Sql Injection
OpenCart Divido plugin is susceptible to SQL injection id: CVE-2018-11231 info: name: Opencart Divido - Sql Injection author: ritikchaddha severity: high description: | OpenCart Divido plugin is susceptible to SQL injection impact: | This vulnerability can lead to data theft, unauthorized access,...
RockyLinux 9 : python3.12 (RLSA-2026:19177)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19177 advisory. expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing CVE-2025-59375...
RHEL 10 : python3.12 (RHSA-2026:19064)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19064 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
CVE-2021-27611
SAP NetWeaver AS ABAP, versions - 700, 701, 702, 730, 731, allow a high privileged attacker to inject malicious code by executing an ABAP report when the attacker has access to the local SAP system. The attacker could then get access to data, overwrite them, or execute a denial of service...
EUVD-2021-1015
Malware in sbrugna...
EUVD-2020-0458
Malware in sbrugna...
EUVD-2023-33286
Malicious code in bioql PyPI...
EUVD-2025-4717
Malicious code in bioql PyPI...
CVE-2025-30099
Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an ...
CVE-2025-47783
Label Studio
GenAI Security: Outsmarting the Bots with a Proactive Testing Framework
The increasing sophistication and integration of Generative AI GenAI models into diverse applications introduce new security challenges that traditional methods struggle to address. This research explores the critical need for proactive security measures to mitigate the risks associated with...
CVE-2024-51445
CVE-2024-51445 affects Siemens Polarion: Polarion V2310 (All versions) and Polarion V2404 (All versions
Dell Unity OS Command Injection Vulnerability (CNVD-2025-08302)
Dell Unity is a mid-range storage array software from Dell EMC for data storage and management. Dell Unity suffers from an OS command injection vulnerability that can be exploited by an attacker to submit a special request to delete arbitrary files...
CVE-2025-1023
A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary SQL queries by exploiting a time-based blind SQL Injection vulnerability in the EditEventTypes functionality. The newCountName parameter is directly concatenated into an SQL query without proper...
CVE-2025-1135
A vulnerability exists in ChurchCRM 5.13.0. and prior that allows an attacker to execute arbitrary SQL queries by exploiting a boolean-based and time-based blind SQL Injection vulnerability in the BatchWinnerEntry functionality. The CurrentFundraiser parameter is directly concatenated into an SQL...
CVE-2025-1133
A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary SQL queries by exploiting a boolean-based blind SQL Injection vulnerability in the EditEventAttendees functionality. The EID parameter is directly concatenated into an SQL query without proper...
CVE-2024-28107
phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. A SQL injection vulnerability has been discovered in the insertentry & saveentry when modifying records due to improper escaping of the email address. This allows any authenticated user with the...
ChurchCRM SQL Injection Vulnerability (CNVD-2024-35168)
ChurchCRM is an open source CRM system for churches. ChurchCRM 5.8.0 and prior versions suffer from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL commands t...
Inout RealEstate 2.1.3 SQL Injection
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Cisco HyperFlex HX Command Injection Direct Check (cisco-sa-hyperflex-rce-TjjNrkpR)
Binary data cisco-sa-hyperflex-rce-TjjNrkpR-dc.nbin...