Lucene search
K

182 matches found

CVE
CVE
added 2026/04/07 6:5 p.m.6 views

CVE-2026-39319

ChurchCRM exposes a second-order SQL injection in /FundRaiserEditor.php prior to 7.1.0. An authenticated user with low privileges can inject via the iCurrentFundraiser PHP session parameter to read or modify database data. The issue is fixed in 7.1.0. CVSS v3.1 shows High impact (C/H/I/A) with Ne...

8.8CVSS6AI score0.00244EPSS
Exploits0References1Affected Software1
SUSE CVE
SUSE CVE
added 2026/04/06 11:24 p.m.4 views

SUSE CVE-2026-34385

Fleet is open source device management software. Prior to 4.81.0, a second-order SQL injection vulnerability in Fleet's Apple MDM profile delivery pipeline could allow an attacker with a valid MDM enrollment certificate to exfiltrate or modify the contents of the Fleet database, including user...

8.6CVSS5.9AI score0.00197EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/04 5:0 p.m.6 views

CVE-2026-25773

UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to sanitize category IDs before incorporating them into dynamic SQL statements when reordering categories. An attacker can inject a malicious SQL payload into the category id field, which is stored in the database and later executed unsanitiz...

8.1CVSS5.9AI score0.00309EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/03 10:49 p.m.3 views

CVE-2026-34934 PraisonAI: Second-Order SQL Injection in `get_all_user_threads`

PraisonAI is a multi-agent teams system. Prior to version 4.5.90, the getalluserthreads function constructs raw SQL queries using f-strings with unescaped thread IDs fetched from the database. An attacker stores a malicious thread ID via updatethread. When the application loads the thread list, t...

9.8CVSS5.9AI score0.00533EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/03 10:49 p.m.18 views

CVE-2026-34934 PraisonAI: Second-Order SQL Injection in `get_all_user_threads`

PraisonAI is a multi-agent teams system. Prior to version 4.5.90, the getalluserthreads function constructs raw SQL queries using f-strings with unescaped thread IDs fetched from the database. An attacker stores a malicious thread ID via updatethread. When the application loads the thread list, t...

9.8CVSS0.00533EPSS
Exploits1References1
CVE
CVE
added 2026/04/03 10:49 p.m.14 views

CVE-2026-34934

Summary: PraisonAI is affected by a second‑order SQL injection in the get_all_user_threads flow. The function builds raw SQL queries by interpolating unescaped thread IDs retrieved from the DB, enabling an attacker to inject via update_thread. When PraisonAI loads the thread list, the payload can...

9.8CVSS5.8AI score0.00533EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/04/03 3:30 p.m.2 views

GHSA-P32Q-V29X-WQ9R Focalboard doesn't sanitize category IDs before incorporating them into dynamic SQL statements

UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to sanitize category IDs before incorporating them into dynamic SQL statements when reordering categories. An attacker can inject a malicious SQL payload into the category id field, which is stored in the database and later executed unsanitiz...

8.1CVSS5.9AI score0.00309EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/03 3:30 p.m.5 views

EUVD-2026-18651

UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to sanitize category IDs before incorporating them into dynamic SQL statements when reordering categories. An attacker can inject a malicious SQL payload into the category id field, which is stored in the database and later executed unsanitiz...

8.1CVSS5.9AI score0.00309EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/03 3:30 p.m.7 views

Focalboard doesn't sanitize category IDs before incorporating them into dynamic SQL statements

UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to sanitize category IDs before incorporating them into dynamic SQL statements when reordering categories. An attacker can inject a malicious SQL payload into the category id field, which is stored in the database and later executed unsanitiz...

8.1CVSS5.9AI score0.00309EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/04/03 2:16 p.m.5 views

CVE-2026-25773

UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to sanitize category IDs before incorporating them into dynamic SQL statements when reordering categories. An attacker can inject a malicious SQL payload into the category id field, which is stored in the database and later executed unsanitiz...

8.1CVSS0.00309EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/03 1:24 p.m.3 views

CVE-2026-25773

UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to sanitize category IDs before incorporating them into dynamic SQL statements when reordering categories. An attacker can inject a malicious SQL payload into the category id field, which is stored in the database and later executed unsanitiz...

8.1CVSS5.9AI score0.00309EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/03 1:24 p.m.2 views

CVE-2026-25773 Focalboard Second-Order SQL Injection in category reorder endpoint allows data exfiltration (unsupported product, no fix)

UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to sanitize category IDs before incorporating them into dynamic SQL statements when reordering categories. An attacker can inject a malicious SQL payload into the category id field, which is stored in the database and later executed unsanitiz...

8.1CVSS5.9AI score0.00309EPSS
Exploits0References1
CVE
CVE
added 2026/04/03 1:24 p.m.19 views

CVE-2026-25773

CVE-2026-25773 — Focalboard 8.0 Second-Order SQL Injection in category reorder : The vulnerability arises from insufficient sanitization of category IDs used in dynamic SQL during category reordering. An authenticated attacker can store a malicious SQL payload in the category ID field, which is l...

8.1CVSS5.9AI score0.00309EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/04/03 1:24 p.m.23 views

CVE-2026-25773 Focalboard Second-Order SQL Injection in category reorder endpoint allows data exfiltration (unsupported product, no fix)

UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to sanitize category IDs before incorporating them into dynamic SQL statements when reordering categories. An attacker can inject a malicious SQL payload into the category id field, which is stored in the database and later executed unsanitiz...

8.1CVSS0.00309EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.8 views

PT-2026-30041

Name of the Vulnerable Software and Affected Versions Focalboard version 8.0 Description Focalboard version 8.0 does not properly sanitize category IDs before using them in SQL queries when reordering categories. This can allow an attacker to inject malicious SQL code into the category ID field,...

8.1CVSS6AI score0.00309EPSS
Exploits0References9
OSV
OSV
added 2026/04/02 6:42 p.m.6 views

GO-2026-4914 Fleet's Apple MDM profile delivery has second-order SQL Injection that can compromise the database in github.com/fleetdm/fleet

Fleet's Apple MDM profile delivery has second-order SQL Injection that can compromise the database in github.com/fleetdm/fleet...

8.6CVSS5.9AI score0.00197EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.7 views

PT-2026-29954

Fleet's Apple MDM profile delivery has second-order SQL Injection that can compromise the database in github.com/fleetdm/fleet...

8.6CVSS6AI score0.00197EPSS
Exploits0References3
OSV
OSV
added 2026/04/01 11:20 p.m.3 views

GHSA-9CQ8-3V94-434G PraisonAI Has Second-Order SQL Injection in `get_all_user_threads`

Summary The getalluserthreads function constructs raw SQL queries using f-strings with unescaped thread IDs fetched from the database. An attacker stores a malicious thread ID via updatethread. When the application loads the thread list, the injected payload executes and grants full database...

9.8CVSS6AI score0.00533EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/04/01 11:20 p.m.6 views

PraisonAI Has Second-Order SQL Injection in `get_all_user_threads`

Summary The getalluserthreads function constructs raw SQL queries using f-strings with unescaped thread IDs fetched from the database. An attacker stores a malicious thread ID via updatethread. When the application loads the thread list, the injected payload executes and grants full database...

9.8CVSS6AI score0.00533EPSS
Exploits1References3Affected Software1
RedHat Linux
RedHat Linux
added 2026/03/30 11:0 a.m.4 views

org.hibernate/hibernate-core: Hibernate: Information disclosure and data deletion via second-order SQL injection

A flaw was found in Hibernate. A remote attacker with low privileges could exploit a second-order SQL injection vulnerability by providing specially crafted, unsanitized non-alphanumeric characters in the ID column when the InlineIdsOrClauseBuilder is used. This could lead to sensitive informatio...

8.3CVSS6.1AI score0.00782EPSS
Exploits1References4
Rows per page
Query Builder