CVE-2026-33142 OneUptime: ClickHouse SQL Injection via unvalidated column identifiers in sort, select, and groupBy parameters

OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.34, the fix for CVE-2026-32306 ClickHouse SQL injection via aggregate query parameters added column name validation to the aggregateBy method but did not apply the same validation to three other query...

EUVD-2020-28324

Malware in sbrugna...

HB CMS 1.7 - SQL Injection

Securitylab.ir Application Info: Name: HB cms Version: 1.7 Website: http://www.hbcms.com Discoverd By: Securitylab.ir Website: http://securitylab.ir Contacts: adminatsecuritylab.ir & info@securitylabdotir Vulnerability Info: Type: Sql Injection Risk: Medium Dork: inurl:/hbcms/php/ magicquotesgpc ...