545 matches found
EUVD-2021-27771
Malicious code in bioql PyPI...
EUVD-2024-31511
Malicious code in bioql PyPI...
EUVD-2022-24847
Malicious code in bioql PyPI...
EUVD-2024-0707
Malicious code in bioql PyPI...
EUVD-2025-7076
Malicious code in bioql PyPI...
EUVD-2025-7089
Malicious code in bioql PyPI...
EUVD-2022-42772
Malicious code in bioql PyPI...
EUVD-2024-48286
Malicious code in bioql PyPI...
EUVD-2024-35159
Malicious code in bioql PyPI...
EUVD-2022-4501
Malicious code in bioql PyPI...
E-Commerce Website admin_index_search.php file SQL injection vulnerability
E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /pages/adminindexsearch.php. An attacker can exploit this vulnerability t...
Linux Distros Unpatched Vulnerability : CVE-2024-32655
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Npgsql is the .NET data provider for PostgreSQL. The WriteBind method in src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs uses int variables to store the...
Sports Management System mode.php File SQL Injection Vulnerability
Sports Management System a sports management system. The Sports Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter code in the file /Admin/mode.php. An attacker can exploit this vulnerability...
CVE-2025-54946
A SQL injection vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary SQL commands...
GHSA-FXGF-3XH6-M2PP Apache Superset has bypass of `DISALLOWED_SQL_FUNCTIONS` that allows execution of blocked SQL functions
A bypass of the DISALLOWEDSQLFUNCTIONS security feature in Apache Superset allows for the execution of blocked SQL functions. An attacker can use a special inline block to circumvent the denylist. This allows a user with SQL Lab access to execute functions that were intended to be disabled, leadi...
RLSA-2024:0974 Important: postgresql:12 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...
PT-2025-30912 · Xwiki · Xwiki
Name of the Vulnerable Software and Affected Versions: xWiki versions prior to 16.10.6 xWiki versions prior to 17.3.0-rc-1 Description: The application allows execution of arbitrary SQL queries in Oracle databases using functions like DBMS XMLGEN or DBMS XMLQUERY. The XWikisearchDocuments API doe...
Security Bulletin: Multiple Vulnerabilities Affected for EDB
Summary Multiple Vulnerabilities Affected for EDB has been addressed for EDB PostgreSQL with IBM and EDB Postgres Advanced Server with IBM Vulnerability Details CVEID:CVE-2025-1094 DESCRIPTION: Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral,...
WordPress plugin B1.lt 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerabilit...
Fortinet FortiWeb SQL Injection Vulnerability
Fortinet FortiWeb contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests...