Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-53847

Name of the Vulnerable Software and Affected Versions DBIx::QuickORM versions prior to 0.000026 Description An issue exists where SQL identifiers are emitted verbatim into generated queries without proper quoting or escaping. This occurs because the default SQL builder, a SQL::Abstract subclass,...

9.8CVSS5.8AI score0.0035EPSS
Exploits0References7
CVE
CVE
added 2026/05/15 6:44 p.m.17 views

CVE-2026-45800

Summary: CVE-2026-45800 affects the Vvveb CMS prior to version 1.0.8.3. The vulnerability is an authenticated SQL injection in the frontend order history page (/user/orders). The order_by and direction parameters are taken from the URL, propagated through the Orders component, and directly concat...

8.7CVSS5.9AI score0.00265EPSS
Exploits0References1
CVE
CVE
added 2026/02/10 5:32 p.m.24 views

CVE-2026-25947

Worklenz is affected by multiple SQL injection vulnerabilities in backend query construction affecting project/task management controllers, reporting/financial endpoints, real-time socket.io handlers, and resource scheduling prior to version 2.1.7. The issue is mitigated by upgrading to v2.1.7, w...

8.8CVSS5.7AI score0.00354EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/02/10 5:32 p.m.7 views

CVE-2026-25947 Worklenz Boolean-Based Blind SQL Injection via Improper ORDER BY Clause Input Validation

Worklenz is a project management tool. Prior to 2.1.7, there are multiple SQL injection vulnerabilities were discovered in backend SQL query construction affecting project and task management controllers, reporting and financial data endpoints, real-time socket.io handlers, and resource allocatio...

8.8CVSS5.7AI score0.00354EPSS
Exploits1References5
Snyk
Snyk
added 2025/05/01 6:34 a.m.2 views

SQL Injection

Overview sqlagg is a SQL aggregation tool Affected versions of this package are vulnerable to SQL Injection due to unsanitized user input in the ORDER BY clause. Remediation Upgrade sqlagg to version 0.13.0 or higher. References - GitHub Commit...

8.3CVSS7.9AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/07/01 12:0 a.m.6 views

PT-2021-3508

Name of the Vulnerable Software and Affected Versions Django versions 3.1.x through 3.1.12 Django versions 3.2.x through 3.2.4 Description The issue is related to the QuerySet.order by function in the Django web application platform, which does not properly protect the SQL query structure. This...

10CVSS8.3AI score0.87218EPSS
Exploits29References107
Rows per page
Query Builder