Lucene search
K

142 matches found

Positive Technologies
Positive Technologies
added 2026/03/24 12:0 a.m.7 views

PT-2026-27331

The JetEngine plugin for WordPress is vulnerable to SQL Injection via the listing load more AJAX action in all versions up to, and including, 3.8.6.1. This is due to the filtered query parameter being excluded from the HMAC signature validation allowing attacker-controlled input to bypass securit...

7.5CVSS5.8AI score0.00322EPSS
Exploits0References7
OSV
OSV
added 2026/01/16 9:4 p.m.2 views

GHSA-38CW-85XC-XR9X Veramo is Vulnerable to SQL Injection in Veramo Data Store ORM

Summary An SQL injection vulnerability exists in the @veramo/data-store package that allows any authenticated user to execute arbitrary SQL queries against the database. The vulnerability is caused by insufficient validation of the column parameter in the order array of query requests. Details...

6.8CVSS8.5AI score
Exploits0References5
OSV
OSV
added 2025/12/23 7:49 a.m.5 views

MAL-2025-192706 Malicious code in @ownbackup/ob-query-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e883403626d57ea766a1c9e33634ceb5558b9293ef87e9fb60ffa6d052e2454 The package @ownbackup/ob-query-builder was found to contain malicious code...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/23 7:49 a.m.7 views

Malicious code in @ownbackup/ob-query-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e883403626d57ea766a1c9e33634ceb5558b9293ef87e9fb60ffa6d052e2454 The package @ownbackup/ob-query-builder was found to contain malicious code...

7AI score
Exploits0
EUVD
EUVD
added 2025/12/23 7:49 a.m.4 views

EUVD-2025-204947

Malicious code in @ownbackup/ob-query-builder npm...

6.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/04 12:0 a.m.6 views

Adobe Experience Manager (AEM) Querybuilder Internal Path Read

The remote Adobe Experience Manager AEM server is configured to allow unauthenticated users to access internal paths using the Querybuilder endpoint. This may allow an attacker to read sensitive files from the server. The Querybuilder endpoint is typically located at /bin/querybuilder.json and...

6.9AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/04 12:0 a.m.9 views

Adobe Experience Manager (AEM) QueryBuilder JCR Role Disclosure

The remote Adobe Experience Manager AEM QueryBuilder Servlet is prone to an information disclosure vulnerability. An unauthenticated attacker can exploit this issue to retrieve the JCR roles of the AEM instance by sending a specially crafted HTTP request to the QueryBuilder Servlet endpoint. No...

6.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/10/20 6:23 p.m.5 views

CVE-2025-60514

Tillywork v0.1.3 and below is vulnerable to SQL Injection in app/common/helpers/query.builder.helper.ts...

6.5CVSS8AI score0.00279EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/17 6:31 p.m.4 views

EUVD-2025-34898

Tillywork v0.1.3 and below is vulnerable to SQL Injection in app/common/helpers/query.builder.helper.ts...

6.5CVSS7.5AI score0.00279EPSS
Exploits0References4
NVD
NVD
added 2025/10/17 6:15 p.m.8 views

CVE-2025-60514

Tillywork v0.1.3 and below is vulnerable to SQL Injection in app/common/helpers/query.builder.helper.ts...

6.5CVSS0.00279EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/17 12:0 a.m.6 views

tillywork 安全漏洞

tillywork is an open source work management solution from tillywork open source A security vulnerability exists in Tillywork v0.1.3 and earlier versions, which stems from a SQL injection vulnerability in app/common/helpers/query.builder.helper.ts...

6.5CVSS7.9AI score0.00279EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/17 12:0 a.m.3 views

CVE-2025-60514

Tillywork v0.1.3 and below is vulnerable to SQL Injection in app/common/helpers/query.builder.helper.ts...

7.6AI score0.00279EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/17 12:0 a.m.10 views

CVE-2025-60514

Tillywork v0.1.3 and below is vulnerable to SQL Injection in app/common/helpers/query.builder.helper.ts...

0.00279EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-27368

Malware in sbrugna...

5CVSS5.3AI score0.00905EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29119

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00221EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-49345

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.00596EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-9889

Malicious code in bioql PyPI...

7.6CVSS8.2AI score0.00548EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/16 1:27 p.m.5 views

CVE-2025-10399

A weakness has been identified in Korzh EasyQuery up to 7.4.0. This issue affects some unknown processing of the file /api/easyquery/models/nwind/fetch of the component Query Builder UI. This manipulation causes sql injection. The attack may be initiated remotely. The exploit has been made...

6.5CVSS7.1AI score0.00221EPSS
Exploits0References1
OSV
OSV
added 2025/09/16 4:55 a.m.4 views

MAL-2025-47350 Malicious code in tg-client-query-builder (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e88f4b4247a247c45d69b7c6082806c246a97e993f3db259215f30d0774e8db7 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 4:55 a.m.6 views

Malicious code in tg-client-query-builder (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e88f4b4247a247c45d69b7c6082806c246a97e993f3db259215f30d0774e8db7 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References6
Rows per page
Query Builder