Lucene search
K

733 matches found

EUVD
EUVD
added last week4 views

EUVD-2026-39389

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in YMC Filter allows SQL Injection. This issue affects YMC Filter: from n/a through 3.11.5...

9.3CVSS5.9AI score0.00229EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.5 views

PT-2026-52416

Name of the Vulnerable Software and Affected Versions YMC Filter versions prior to 3.11.5 Description Improper neutralization of special elements used in an SQL command allows for SQL Injection. This occurs when the application fails to properly sanitize user-supplied data before incorporating it...

9.3CVSS5.8AI score0.00229EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.13 views

PT-2026-51030

Name of the Vulnerable Software and Affected Versions Microsoft Copilot affected versions not specified Description Improper neutralization of special elements used in a command, known as command injection, allows an unauthorized attacker to perform tampering over a network. Recommendations At th...

7.5CVSS5.8AI score0.00399EPSS
Exploits0References6
NVD
NVD
added 2026/06/17 3:17 p.m.8 views

CVE-2026-54812

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in StylemixThemes Motors allows Blind SQL Injection. This issue affects Motors: from n/a through 1.4.109...

9.3CVSS0.00291EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 9:4 a.m.12 views

EUVD-2026-37057

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Liquid Web / StellarWP The Events Calendar allows Blind SQL Injection. This issue affects The Events Calendar: from 6.15.12 through 6.16.2...

9.3CVSS5.7AI score0.00229EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/11 12:28 p.m.8 views

EUVD-2026-36238

Improper neutralization of special elements used in an expression language statement 'expression language injection' vulnerability in Soagen Informatics Technologies Software and Consulting Inc. Apinizer allows Code Injection. This issue affects Apinizer: from 2026.04.0 before 2026.04.6...

5.3CVSS5.5AI score0.00417EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.14 views

Soagen Apinizer 安全漏洞

Soagen Apinizer is an API management and API gateway platform developed by the Turkish company Soagen. Versions of Soagen Apinizer from 2026.04.0 to 2026.04.6 contained security vulnerabilities. These vulnerabilities were caused by improper handling of special elements in expressions language...

9.8CVSS5.4AI score0.00417EPSS
Exploits1References1
Snyk
Snyk
added 2026/06/09 12:0 a.m.8 views

Improper Neutralization of Special Elements in Data Query Logic

Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the @Query regex parameter binding when a bound parameter is placed inside a regular expression literal using \Q...\E quoting e.g. @Query" name : /^\\Q?0\\E$/ "...

8.2CVSS5.3AI score0.00262EPSS
Exploits0References2
Redos
Redos
added 2026/06/08 12:0 a.m.6 views

ROS-20260608-73-0020

The vulnerability of the .NET software platform is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to perform spear-phishing attacks...

7.5CVSS5.5AI score0.02279EPSS
Exploits0
Redos
Redos
added 2026/06/08 12:0 a.m.6 views

ROS-20260608-73-0021

The vulnerability of the .NET software platform is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to perform spear-phishing attacks...

7.5CVSS5.5AI score0.02279EPSS
Exploits0
Redos
Redos
added 2026/06/08 12:0 a.m.4 views

ROS-20260608-73-0024

The vulnerability of the .NET software platform is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to perform spear-phishing attacks...

7.5CVSS5.5AI score0.02279EPSS
Exploits0
EUVD
EUVD
added 2026/06/05 12:31 a.m.10 views

EUVD-2026-34336

Improper neutralization of special elements in output used by a downstream component 'injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...

6.5CVSS5.8AI score0.00732EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/05 12:31 a.m.10 views

EUVD-2026-34334

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...

6.5CVSS5.8AI score0.0764EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.7 views

WordPress plugin School Management SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.6CVSS5.8AI score0.00231EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/01 3:27 p.m.10 views

EUVD-2026-33691

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Wp Directory Kit WP Directory Kit allows Blind SQL Injection. This issue affects WP Directory Kit: from n/a through 1.5.1...

9.3CVSS5.8AI score0.00236EPSS
Exploits0References1
Redos
Redos
added 2026/05/24 12:0 a.m.12 views

ROS-20260524-73-0037

Vulnerability in vim text editor is related to failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

8.2CVSS6.5AI score0.0047EPSS
Exploits0
Redos
Redos
added 2026/05/24 12:0 a.m.12 views

ROS-20260524-73-0028

Vulnerability in vim related to failure to take measures to neutralize special elements used in operating system commands. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary commands...

7.3CVSS6.9AI score0.00834EPSS
Exploits0
NVD
NVD
added 2026/05/22 11:16 p.m.12 views

CVE-2026-42827

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...

7.5CVSS0.00503EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/22 10:3 p.m.10 views

EUVD-2026-31512

Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network...

9.3CVSS5.8AI score0.0042EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/20 6:20 p.m.13 views

EUVD-2026-31153

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Drupal Drupal core allows SQL Injection. This issue affects Drupal core: from 8.9.0 before 10.4.10, from 10.5.0 before 10.5.10, from 10.6.0 before 10.6.9, from 11.0.0 before 11.1.10, from 11.2.0...

6.5CVSS5.8AI score0.84631EPSS
Exploits13References1
Rows per page
Query Builder