CVE-2026-0582
A vulnerability was identified in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/editactivityquery.php. The manipulation of the argument Title leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be...
CVE-2025-14209 Campcodes School File Management System update_query.php sql injection
A weakness has been identified in Campcodes School File Management System 1.0. This impacts an unknown function of the file /updatequery.php. This manipulation of the argument studid causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and...
EUVD-2025-26306
Malicious code in bioql PyPI...
PT-2025-35421
Name of the Vulnerable Software and Affected Versions: code-projects Human Resource Integrated System version 1.0 Description: A SQL injection issue exists in the /log query.php file. Manipulation of the ID argument can lead to SQL injection. The exploit has been made public and could be used to...
CVE-2025-8493
A vulnerability classified as critical was found in code-projects Intern Membership Management System 1.0. This vulnerability affects unknown code of the file /admin/editstudentquery.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit...
CVE-2025-5321
A vulnerability classified as critical was found in aimhubio aim up to 3.29.1. This vulnerability affects the function RestrictedPythonQuery of the file /aim/storage/query.py of the component runview Object Handler. The manipulation of the argument Abfrage leads to privilege escalation. The attack c...
An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string.
...
PT-2023-30854 · Sourcecodester · Sourcecodester Simple Membership System
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Membership System version 1.0 Description: A critical vulnerability was found in the SourceCodester Simple Membership System. The issue affects the file account edit query.php, where the manipulation of the admin id...
LiftKit database library SQL injection vulnerability
LiftKit database library is an open-source database library from LiftKit. Versions of LiftKit database library before 2.13.2 contain a SQL injection vulnerability that stems from a security issue in the processOrderBy function of the file src/Query/Query.php, resulting in SQL injection...
PT-2020-13036 · WordPress · Wp-Advanced-Search
Name of the Vulnerable Software and Affected Versions: wp-advanced-search plugin version 3.3.6 Description: The Import feature in the wp-advanced-search plugin is vulnerable to authenticated SQL injection via an uploaded .sql file. An attacker can use this to execute SQL commands without any...
Trend Micro Threat Discovery Appliance Arbitrary Code Execution Vulnerability (CNVD-2017-06834)
The Trend Micro Threat Discovery Appliance TDA is a threat discovery appliance with integrated cloud security technology from Trend Micro. The appliance provides detection of malicious activity at the network layer, threat management services, and threat analysis and reporting. A security...
kernel: security and bugfix update (important)
The Linux kernel was updated to fix various bugs and security issues: - mm/page-writeback.c: do not count anon pages as dirtyable memory reclaim stalls. - mm/page-writeback.c: fix dirty_balance_reserve subtraction from dirtyable memory reclaim stalls. - compat_sys_recvmmsg X32 fix bnc860993...
CVE-2000-0098
CVE-2000-0098 describes a path-disclosure vulnerability in Microsoft Index Server/IIS WebHits: remote attackers can determine the real path of a web directory by requesting non-existent Internet Data Query files. OpenVAS notes the issue in MS00-006 (WebHits ISAPI filter) and IDA/IDQ path disclosu...