CVE-2026-35013 Open ISES Tickets < 3.44.2 Reflected XSS via street_view.php thelat and thelng Parameters

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in streetview.php that allows authenticated attackers to inject arbitrary JavaScript by passing unsanitized values through the thelat and thelng GET parameters directly into JavaScript variable assignments...

CVE-2026-32368

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in delphiknight Geo to Lat geo-to-lat allows Blind SQL Injection.This issue affects Geo to Lat: from n/a through = 1.0.19...

EUVD-2026-11863

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in delphiknight Geo to Lat geo-to-lat allows Blind SQL Injection.This issue affects Geo to Lat: from n/a through = 1.0.19...

CVE-2026-32368

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in delphiknight Geo to Lat geo-to-lat allows Blind SQL Injection.This issue affects Geo to Lat: from n/a through = 1.0.19...

CVE-2026-32368

The CVE covers a SQL Injection in the WordPress plugin “Geo to Lat” (delphiknight Geo to Lat geo-to-lat) up to version 1.0.19. The root cause is improper neutralization of special elements in SQL commands, enabling Blind SQL Injection. Affected versions are

CVE-2026-32368 WordPress Geo to Lat plugin <= 1.0.19 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in delphiknight Geo to Lat geo-to-lat allows Blind SQL Injection.This issue affects Geo to Lat: from n/a through = 1.0.19...

CVE-2026-32368

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in delphiknight Geo to Lat geo-to-lat allows Blind SQL Injection.This issue affects Geo to Lat: from n/a through = 1.0.19...

CVE-2026-32368 WordPress Geo to Lat plugin <= 1.0.19 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in delphiknight Geo to Lat geo-to-lat allows Blind SQL Injection.This issue affects Geo to Lat: from n/a through = 1.0.19...

WordPress plugin Geo to Lat SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

PT-2026-25215

🟠 CVE-2026-32368 - High Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in delphiknight Geo to Lat geo-to-lat allows Blind SQL Injection.This issue affects Geo to L... https://t.co/AXMBUTPmnj https://t.co/FboOVVJUyL...

CVE-2023-25470

Cross-Site Request Forgery CSRF vulnerability in Anton Skorobogatov Rus-To-Lat plugin = 0.3 versions...

CVE-2025-13121

CVE-2025-13121 affects cameasy Liketea 1.0.0. The vulnerability is in the API Endpoint’s front-end StoreController.php, specifically the list function, where improper handling/manipulation of the lng/lat arguments enables SQL injection. Multiple connected sources (NVD, Red Hat, CVE records, CNVD/...

PT-2025-46863

Name of the Vulnerable Software and Affected Versions cameasy Liketea version 1.0.0 Description A security issue exists in cameasy Liketea 1.0.0. The list function within the file laravel/app/Http/Controllers/Front/StoreController.php of the API Endpoint component is susceptible to SQL injection...

EUVD-1999-1013

Malware in sbrugna...

EUVD-2023-29425

Malicious code in bioql PyPI...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly handle buffers when the lat architecture decodes errors, which could lead to null...

MAL-2025-10177 Malicious code in @zalastax/nolb-_lat (npm)

The package @zalastax/nolb-lat was found to contain malicious code...

Malicious code in @zalastax/nolb-_lat (npm)

The package @zalastax/nolb-lat was found to contain malicious code...

CVE-2023-40921

SQL Injection vulnerability in functions/pointlist.php in Common Services soliberte before v4.3.03 allows attackers to obtain sensitive information via the lat and lng parameters...

Exploit for CVE-2024-12252

SEO LAT Auto Post = 2.2.1 - Remote Code Execution Descrip...