Lucene search
+L

5 matches found

Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-38158

A SQL injection vulnerability in the /ureport/datasource/previewData component of ureport v2.2.9 allows attackers to access sensitive database information via crafted SQL statements...

0.0016EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago9 views

PT-2026-60590

Name of the Vulnerable Software and Affected Versions ureport version 2.2.9 Description A SQL injection issue exists in the /ureport/datasource/previewData endpoint, which handles datasource preview queries. The flaw stems from improper input validation and the use of unsafely constructed SQL...

9.8CVSS5.4AI score0.0016EPSS
Exploits0References4
CVE
CVE
added 2 days ago9 views

CVE-2026-38158

CVE-2026-38158 describes an SQL injection in ureport v2.2.9, specifically in the /ureport/datasource/previewData component. The vulnerability could allow an attacker to disclose sensitive database information via crafted SQL statements. The CVSS 3.1 score is 9.8 (CRITICAL), with attack vector NET...

9.8CVSS6.1AI score0.0016EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.9 views

Frostmourne SQL注入漏洞

Frostmourne is a multi-data source monitoring and alerting system developed by AutohomeCorp. Versions of Frostmourne 1.0 and earlier contain SQL injection vulnerabilities, which stem from the SQL injection vulnerability in the httpTest function located in the...

6.5CVSS6.7AI score0.00246EPSS
Exploits0References5
CVE
CVE
added 2026/03/12 5:53 p.m.26 views

CVE-2026-32137

CVE-2026-32137: Dataease prior to 2.10.20 is vulnerable to SQL injection in the /de2api/datasource/previewData endpoint via a directly concatenated tableName parameter. The table name is user-controllable and is not filtered or parameterized, enabling injection into the SQL statement. The issue a...

9.3CVSS5.8AI score0.00418EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder