Lucene search
+L

4 matches found

NVD
NVD
added 2 days ago10 views

CVE-2026-15458

The SEO Booster plugin for WordPress is vulnerable to generic SQL Injection via the 'sortfield' parameter in all versions up to, and including, 7.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...

4.9CVSS0.00272EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/26 8:15 p.m.5 views

CVE-2026-7060

A vulnerability was determined in liyupi yu-picture up to a053632c41340152bf75b66b3c543d129123d8ec. This impacts the function PageRequest of the file yu-picture-backend/src/main/java/com/yupi/yupicturebackend/service/impl/PictureServiceImpl.java of the component MyBatis-Plus. Executing a...

7.5CVSS5.3AI score0.00263EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.12 views

OpenReplay SQL注入漏洞

OpenReplay is an open-source, developer-friendly, self-hosted session replay software. Versions of OpenReplay prior to 1.20.0 contained a SQL injection vulnerability, which stemmed from the SQL injection vulnerability in the sort-field parameter...

9.8CVSS5.8AI score0.00341EPSS
Exploits1References1
NVD
NVD
added 2025/10/17 8:15 p.m.9 views

CVE-2025-11911

A vulnerability was detected in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. This impacts the function Query of the file /DeviceFault.do?Action=Query. The manipulation of the argument sortField results in sql injection. It is possible to launch the attack remotely. The exploit is now publi...

8.8CVSS0.00461EPSS
Exploits1References4
Rows per page
Query Builder