765 matches found
CVE-2026-21856 Tarkov Data Manager has Authenticated SQL Injection
The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to commit 9bdb3a75a98a7047b6d70144eb1da1655d6992a8, a time based blind SQL injection vulnerability in the webhook edit and scanner api endpoints that allow an authenticated attacker to execute arbitrary SQL queries against th...
CVE-2022-27927
A SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable coursecode and/or customernumber parameter...
Remote Code Execution (RCE)
MySQL Connector/J is vulnerable to Remote Code Execution RCE. The vulnerability is due to an unspecified flaw in Connector/J that allows an unauthenticated attacker with network access to compromise the connector through user interaction, potentially resulting in complete takeover of the affected...
CVE-2025-14201 alokjaiswal Hotel-Management-services-using-MYSQL-and-php dishsub.php cross site scripting
A vulnerability was found in alokjaiswal Hotel-Management-services-using-MYSQL-and-php up to 5f8b60a7aa6c06a5632de569d4e3f6a8cd82f76f. Affected by this vulnerability is an unknown functionality of the file /dishsub.php. The manipulation of the argument item.name results in cross site scripting. I...
Exploit for Unrestricted Upload of File with Dangerous Type in Skittles Employee_Records_System
CVE-2021-4462 Test Environment Docker-based test environment...
CVE-2025-41076
In version 6.13.0 of LimeSurvey, any external user can cause a 500 error in the survey system by sending a malformed session cookie. Instead of displaying a generic error message, the system exposes internal backend information, including the use of the Yii framework, the MySQL/MariaDB database...
CVE-2025-41076
In version 6.13.0 of LimeSurvey, any external user can cause a 500 error in the survey system by sending a malformed session cookie. Instead of displaying a generic error message, the system exposes internal backend information, including the use of the Yii framework, the MySQL/MariaDB database...
CVE-2025-12743 SQL Injection in Looker Project Generation Endpoint Allows Access to Internal MySQL Database
The Looker endpoint for generating new projects from database connections allows users to specify "looker" as a connection name, which is a reserved internal name for Looker's internal MySQL database. The schemas parameter is vulnerable to SQL injection, enabling attackers to manipulate SELECT...
EUVD-2025-124681
Malicious code in mysql-apollo-ganymede-helios npm...
EUVD-2025-111788
Malicious code in less-loader-phoebe-scripts-mysql npm...
EUVD-2006-1215
Malware in sbrugna...
EUVD-2008-5817
Malware in sbrugna...
EUVD-2019-8215
Malware in sbrugna...
EUVD-2008-2874
Malware in sbrugna...
EUVD-2011-1904
Malware in sbrugna...
EUVD-2018-7589
Malware in sbrugna...
EUVD-2000-0968
Malware in sbrugna...
EUVD-2018-6597
Malware in sbrugna...
EUVD-2017-9525
Malware in sbrugna...
EUVD-2018-11338
Malware in sbrugna...