25528 matches found
EUVD-2026-25748
A vulnerability was detected in CodePanda Source canteenmanagementsystem 1.0. Affected by this issue is some unknown functionality of the file /api/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now public and may...
EUVD-2026-25746
A weakness has been identified in code-projects Inventory Management System 1.0. Affected is an unknown function of the component Login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the...
PT-2026-35283
Name of the Vulnerable Software and Affected Versions CodePanda Source canteen management system version 1.0 Description A SQL injection allows remote attackers to manipulate the Username argument via the '/api/login.php' endpoint. SQL injection is a type of flaw that allows an attacker to...
PT-2026-35340
A vulnerability was identified in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /edit parcel.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be...
PT-2026-35436
A vulnerability has been found in code-projects Online Lot Reservation System up to 1.0. The impacted element is an unknown function of the file /loginuser.php. The manipulation of the argument email/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has...
ProjeQtOr SQL注入漏洞
ProjeQtOr is a project management software developed by the French company ProjeQtOr. Versions 7.0 to 12.4.3 of ProjeQtOr contain SQL injection vulnerabilities. These vulnerabilities stem from the login function, where the login variable directly concatenates SQL queries without parameterization ...
Improper Neutralization of Special Elements in Data Query Logic
Overview org.springframework.ai:spring-ai-weaviate-store is a Building AI applications with Spring Boot Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the FilterExpressionConverter implementations. An attacker can alter...
Improper Neutralization of Special Elements in Data Query Logic
Overview org.springframework.ai:spring-ai-pgvector-store is a Spring AI PGVector Vector Store Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the FilterExpressionConverter implementations. An attacker can alter underlying...
Improper Neutralization of Special Elements in Data Query Logic
Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the FilterExpressionConverter implementations. An attacker can alter underlying vector store queries by supplying crafted filter expressions, as keys and values are not...
WordPress plugin Directorist Booking SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...
Improper Neutralization of Special Elements in Data Query Logic
Overview org.springframework.ai:spring-ai-mongodb-atlas-store is a Spring AI Vector Store - MongoDB Atlas Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the FilterExpressionConverter implementations. An attacker can alter...
Improper Neutralization of Special Elements in Data Query Logic
Overview org.springframework.ai:spring-ai-oracle-store is an AI Vector Search from Oracle Database 23ai+ as a Spring AI Vector Store Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the FilterExpressionConverter implementation...
Improper Neutralization of Special Elements in Data Query Logic
Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the FilterExpressionConverter implementations. An attacker can alter underlying vector store queries by supplying crafted filter expressions, as keys and values are not...
Improper Neutralization of Special Elements in Data Query Logic
Overview org.springframework.ai:spring-ai-gemfire-store is a Spring AI GemFire Vector Store Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the FilterExpressionConverter implementations. An attacker can alter underlying vecto...
Linux Distros Unpatched Vulnerability : CVE-2026-42040
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the encode function in lib/helpers/AxiosURLSearchParams.js contain...
PT-2026-35527
NASA Earth Observing System Data and Information System EOSDIS MODAPS v8.1 was discovered to contain a SQL injection vulnerability in the category parameter...
PT-2026-35281
A weakness has been identified in code-projects Inventory Management System 1.0. Affected is an unknown function of the component Login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the...
Improper Neutralization of Special Elements in Data Query Logic
Overview org.springframework.ai:spring-ai-milvus-store is a Spring AI Vector Store - Milvus Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the FilterExpressionConverter implementations. An attacker can alter underlying vecto...
Improper Neutralization of Special Elements in Data Query Logic
Overview org.springframework.ai:spring-ai-advisors-vector-store is a Chat client advisors for Spring AI Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the conversationId handling in VectorStoreChatMemoryAdvisor. An attacker...
Improper Neutralization of Special Elements in Data Query Logic
Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the FilterExpressionConverter implementations. An attacker can alter underlying vector store queries by supplying crafted filter expressions, as keys and values are not...