Lucene search
K

739 matches found

NVD
NVD
added yesterday5 views

CVE-2026-57810

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saad Iqbal APIExperts Square for WooCommerce woosquare allows Blind SQL Injection.This issue affects APIExperts Square for WooCommerce: from n/a through = 4.7.4...

8.5CVSS0.00357EPSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-57707

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in quantumcloud Simple Business Directory Pro simple-business-directory-pro allows SQL Injection.This issue affects Simple Business Directory Pro: from n/a through = 15.9.4...

9.3CVSS0.004EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42370

Improper Neutralization of Special Elements in Data Query Logic vulnerability in Progress MOVEit Transfer Custom Reports modules. This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3...

6.4CVSS5.9AI score0.00234EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:17 p.m.5 views

EUVD-2026-39389

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in YMC Filter allows SQL Injection. This issue affects YMC Filter: from n/a through 3.11.5...

9.3CVSS5.9AI score0.00229EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52416

Name of the Vulnerable Software and Affected Versions YMC Filter versions prior to 3.11.5 Description Improper neutralization of special elements used in an SQL command allows for SQL Injection. This occurs when the application fails to properly sanitize user-supplied data before incorporating it...

9.3CVSS5.8AI score0.00229EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.16 views

PT-2026-51030

Name of the Vulnerable Software and Affected Versions Microsoft Copilot affected versions not specified Description Improper neutralization of special elements used in a command, known as command injection, allows an unauthorized attacker to perform tampering over a network. Recommendations At th...

7.5CVSS5.8AI score0.00399EPSS
Exploits0References6
NVD
NVD
added 2026/06/17 3:17 p.m.12 views

CVE-2026-54812

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in StylemixThemes Motors allows Blind SQL Injection. This issue affects Motors: from n/a through 1.4.109...

9.3CVSS0.00291EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 9:4 a.m.14 views

EUVD-2026-37057

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Liquid Web / StellarWP The Events Calendar allows Blind SQL Injection. This issue affects The Events Calendar: from 6.15.12 through 6.16.2...

9.3CVSS5.7AI score0.00229EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/11 12:28 p.m.10 views

EUVD-2026-36238

Improper neutralization of special elements used in an expression language statement 'expression language injection' vulnerability in Soagen Informatics Technologies Software and Consulting Inc. Apinizer allows Code Injection. This issue affects Apinizer: from 2026.04.0 before 2026.04.6...

5.3CVSS5.5AI score0.00417EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.16 views

Soagen Apinizer 安全漏洞

Soagen Apinizer is an API management and API gateway platform developed by the Turkish company Soagen. Versions of Soagen Apinizer from 2026.04.0 to 2026.04.6 contained security vulnerabilities. These vulnerabilities were caused by improper handling of special elements in expressions language...

9.8CVSS5.4AI score0.00417EPSS
Exploits1References1
Snyk
Snyk
added 2026/06/09 12:0 a.m.12 views

Improper Neutralization of Special Elements in Data Query Logic

Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the @Query regex parameter binding when a bound parameter is placed inside a regular expression literal using \Q...\E quoting e.g. @Query" name : /^\\Q?0\\E$/ "...

8.2CVSS5.3AI score0.00262EPSS
Exploits0References2
Redos
Redos
added 2026/06/08 12:0 a.m.9 views

ROS-20260608-73-0024

The vulnerability of the .NET software platform is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to perform spear-phishing attacks...

7.5CVSS5.5AI score0.02279EPSS
Exploits0
Redos
Redos
added 2026/06/08 12:0 a.m.10 views

ROS-20260608-73-0021

The vulnerability of the .NET software platform is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to perform spear-phishing attacks...

7.5CVSS5.5AI score0.02279EPSS
Exploits0
Redos
Redos
added 2026/06/08 12:0 a.m.9 views

ROS-20260608-73-0020

The vulnerability of the .NET software platform is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to perform spear-phishing attacks...

7.5CVSS5.5AI score0.02279EPSS
Exploits0
EUVD
EUVD
added 2026/06/05 12:31 a.m.12 views

EUVD-2026-34336

Improper neutralization of special elements in output used by a downstream component 'injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...

6.5CVSS5.8AI score0.00732EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/05 12:31 a.m.11 views

EUVD-2026-34334

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...

6.5CVSS5.8AI score0.0764EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.8 views

WordPress plugin School Management SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.6CVSS5.8AI score0.00231EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/01 3:27 p.m.11 views

EUVD-2026-33691

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Wp Directory Kit WP Directory Kit allows Blind SQL Injection. This issue affects WP Directory Kit: from n/a through 1.5.1...

9.3CVSS5.8AI score0.00236EPSS
Exploits0References1
Redos
Redos
added 2026/05/24 12:0 a.m.13 views

ROS-20260524-73-0028

Vulnerability in vim related to failure to take measures to neutralize special elements used in operating system commands. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary commands...

7.3CVSS6.9AI score0.00834EPSS
Exploits0
Redos
Redos
added 2026/05/24 12:0 a.m.14 views

ROS-20260524-73-0037

Vulnerability in vim text editor is related to failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

8.2CVSS6.5AI score0.0047EPSS
Exploits0
Rows per page
Query Builder