CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

872 matches found

EUVD•added 2026/05/21 3:8 p.m.•8 views

EUVD-2026-31291

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Wp Directory Kit WP Directory Kit allows Blind SQL Injection. This issue affects WP Directory Kit: from n/a through 1.5.0...

9.3CVSS5.8AI score0.00243EPSS

Exploits0References1

EUVD•added 2026/05/18 5:53 p.m.•5 views

EUVD-2026-29477

Postgrex: Channel-name SQL injection in Postgrex.Notifications.listen/3...

7.5CVSS5.8AI score0.00198EPSS

Exploits0References5

Microsoft CVE•added 2026/04/14 2:0 p.m.•3 views

SQL Server Elevation of Privilege Vulnerability

Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges locally...

7.8CVSS6.3AI score0.00299EPSS

Exploits0

ATTACKERKB•added 2026/04/08 8:30 a.m.•2 views

CVE-2026-39497

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 FOX woocommerce-currency-switcher allows Blind SQL Injection.This issue affects FOX: from n/a through = 1.4.5...

5.9AI score0.00279EPSS

Exploits0References2

CNNVD•added 2026/03/23 12:0 a.m.•5 views

WWBN AVideo 路径遍历漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 26.0 contained a path traversal vulnerability. This vulnerability stemmed from the lack of path traversal protection for the name parameter in the pluginRunDatabaseScript.json.ph...

7.2CVSS6.1AI score0.00493EPSS

Exploits1References2

Positive Technologies•added 2026/03/13 12:0 a.m.•0 views

PT-2026-25172

🟠 CVE-2026-31917 - High Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through = ... https://t.co/rmxKLdVO6O https://t.co/0W8qwfmY6K...

8.5CVSS5.8AI score0.00308EPSS

Exploits0References5

Positive Technologies•added 2025/12/16 12:0 a.m.•2 views

PT-2025-51436

Name of the Vulnerable Software and Affected Versions AIOSEO Plugin Team Broken Link Checker versions through 1.2.6 Description The Broken Link Checker component contains a flaw due to improper neutralization of special elements within SQL commands, leading to a potential SQL Injection issue. Thi...

7.6CVSS7.5AI score0.00348EPSS

Exploits0References3

GitLab Advisory Database•added 2025/10/22 12:0 a.m.•5 views

Admidio Vulnerable to Authenticated SQL Injection in Member Assignment Functionality

An authenticated SQL injection vulnerability exists in the member assignment data retrieval functionality of Admidio. Any authenticated user with permissions to assign members to a role such as an administrator can exploit this vulnerability to execute arbitrary SQL commands. This can lead to a...

7.2CVSS8.2AI score0.00361EPSS

Exploits1References5Affected Software1

Cvelist•added 2025/10/10 11:2 a.m.•5 views

CVE-2025-11188 CVE-2025-11188

The Kiwire Captive Portal contains a blind SQL injection in the nas-id parameter, allowing for SQL commands to be issued and to compromise the corresponding database...

0.00272EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-19674

Malware in sbrugna...

9.8CVSS9.2AI score0.01137EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-13083

Malware in sbrugna...

9.8CVSS9.4AI score0.01355EPSS

Exploits1References2