24703 matches found
PT-2026-45396
A security flaw has been discovered in itsourcecode Online Blood Bank Management System 1.0. The affected element is an unknown function of the file /admin/campsdetails.php. Performing a manipulation of the argument hospital results in sql injection. The attack is possible to be carried out...
Student_Management_System_by_PHP SQL Injection Vulnerability
studentmanagementsystembyphp is a student information management tool developed by Raisul Islam, based on PHP. studentmanagementsystembyphp has a SQL injection vulnerability, which stems from the incorrect handling of the 'role' parameter in the User Creation Handler component of the...
CVE-2026-10204 OFCMS JSON Query SysUserController.java query sql injection
A weakness has been identified in OFCMS 1.1.3. The affected element is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SysUserController.java of the component JSON Query Interface. This manipulation causes sql injection. The attack may be initiated...
CVE-2026-10204
A weakness has been identified in OFCMS 1.1.3. The affected element is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SysUserController.java of the component JSON Query Interface. This manipulation causes sql injection. The attack may be initiated...
CVE-2026-10204
CVE-2026-10204 affects OFCMS 1.1.3, specifically the JSON Query Interface. The vulnerability lies in the Query function within SysUserController.java, causing a SQL injection via remote exploitation. Public exploit access is noted, and the vendor was informed early through an issue but has not re...
CVE-2026-10204 OFCMS JSON Query SysUserController.java query sql injection
A weakness has been identified in OFCMS 1.1.3. The affected element is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SysUserController.java of the component JSON Query Interface. This manipulation causes sql injection. The attack may be initiated...
CVE-2026-10203 OFCMS JSON Query SystemParamController.java query sql injection
A security flaw has been discovered in OFCMS 1.1.3. Impacted is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemParamController.java of the component JSON Query Interface. The manipulation results in sql injection. The attack can be launched...
CVE-2026-10203
A security flaw has been discovered in OFCMS 1.1.3. Impacted is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemParamController.java of the component JSON Query Interface. The manipulation results in sql injection. The attack can be launched...
CVE-2026-10203
The report identifies CVE-2026-10203 affecting OFCMS 1.1.3. The vulnerability lies in the JSON Query Interface: the Query function in OFCMS-admin/src/main/java/com/ofsoft/cms/admin/controller/system/SystemParamController.java, which enables SQL injection. This can be triggered remotely, with publ...
CVE-2026-10202 OFCMS JSON Query SystemDictController.java query sql injection
A vulnerability was identified in OFCMS 1.1.3. This issue affects the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemDictController.java of the component JSON Query Interface. The manipulation leads to sql injection. The attack can be initiated...
CVE-2026-10202
A vulnerability was identified in OFCMS 1.1.3. This issue affects the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemDictController.java of the component JSON Query Interface. The manipulation leads to sql injection. The attack can be initiated...
CVE-2026-10202 OFCMS JSON Query SystemDictController.java query sql injection
A vulnerability was identified in OFCMS 1.1.3. This issue affects the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemDictController.java of the component JSON Query Interface. The manipulation leads to sql injection. The attack can be initiated...
CVE-2026-10193
A security flaw has been discovered in OFCMS up to 1.1.3. The impacted element is the function Query of the file ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\ComnController.java of the component ComnController. Performing a manipulation of the argument system.user.query results in sq...
CVE-2026-10194
A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched...
CVE-2026-10193
A security flaw has been discovered in OFCMS up to 1.1.3. The impacted element is the function Query of the file ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\ComnController.java of the component ComnController. Performing a manipulation of the argument system.user.query results in sq...
CVE-2026-10193
CVE-2026-10193 affects OFCMS up to version 1.1.3. The vulnerable element is the Query function in file at com/ofsoft/cms/admin/controller/ComnController.java (ComnController). An attacker can manipulate the argument system.user.query to trigger SQL injection. The exploit is capable of remote init...
Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by multiple vulnerabilities in qs (CVE-2025-15284, CVE-2026-2391)
Summary Multiple vulnerabilities in the qs query string parsing library used by IBM InfoSphere Optim Archive Viewer have been addressed by upgrading the library to version 6.14.2. Vulnerability Details CVEID:CVE-2025-15284 DESCRIPTION: Improper Input Validation vulnerability in qs parse modules...
CVE-2026-49490 OpenCATS - SQL Injection in DataGrid Filter Handling for Tags Column
OpenCATS from version 0.9.1a contains an SQL injection vulnerability in DataGrid filter handling that allows authenticated attackers to inject SQL through crafted filters targeting the non-filterable Tags column in the Candidates DataGrid. Attackers can bypass column filterable restrictions by...
EUVD-2026-33496
A weakness has been identified in Aider-AI Aider 0.86.3. Affected by this issue is some unknown functionality of the component Code Generation Workflow. Executing a manipulation can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and...
CVE-2026-10176
Technical details about CVE-2026-10176 are not publicly available in the provided documents; affected component and root cause are not specified beyond a generic description. Monitor for updates.