Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/12/10 3:13 p.m.4 views

CVE-2025-10655

SQL Injection in Frappe HelpDesk in the dashboard getdashboarddata due to unsafe concatenation of user-controlled parameters into dynamic SQL statements.This issue affects Frappe HelpDesk: 1.14.0...

8.6CVSS8AI score0.00468EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/11/27 12:58 a.m.10 views

CVE-2025-66260

PostgreSQL SQL Injection statussql.php in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform SQL injection via sw1 and sw2 parameters in statussql.php. The statussql.php endpoint constructs...

7.2CVSS8.3AI score0.00268EPSS
Exploits1References1
CVE
CVE
added 2025/11/26 5:45 p.m.18 views

CVE-2025-11461

CVE-2025-11461 affects Frappe CRM 1.53.1. The vulnerability is multiple SQL injections in the Dashboard Controller caused by unsafe concatenation of user-controlled parameters into dynamic SQL statements. Red Hat and EUVD entries confirm the same description. Connected documents do not specify a ...

8.8CVSS7.2AI score0.00305EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/09/26 1:47 p.m.4 views

CVE-2025-59831

git-commiters is a Node.js function module providing committers stats for their git repository. Prior to version 0.1.2, there is a command injection vulnerability in git-commiters. This vulnerability manifests with the library's primary exported API: gitCommitersoptions, callback which allows...

8.7CVSS7.9AI score0.0228EPSS
Exploits1References1
NVD
NVD
added 2025/08/22 7:15 p.m.4 views

CVE-2025-51092

The LogIn-SignUp project by VishnuSivadasVS is vulnerable to SQL Injection due to unsafe construction of SQL queries in DataBase.php. The functions logIn and signUp build queries by directly concatenating user input and unvalidated table names without using prepared statements. While a prepareDat...

9.8CVSS0.00381EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/22 12:0 a.m.8 views

CVE-2025-51092

The LogIn-SignUp project by VishnuSivadasVS is vulnerable to SQL Injection due to unsafe construction of SQL queries in DataBase.php. The functions logIn and signUp build queries by directly concatenating user input and unvalidated table names without using prepared statements. While a prepareDat...

0.00381EPSS
Exploits0References1
Rows per page
Query Builder