9 matches found

RedhatCVE
added 2025/05/22 9:4 p.m., 4 views

CVE-2021-24141

Unvalidated input in the Advanced Database Cleaner plugin, versions before 3.0.2, leads to SQL injection, allowing high-privilege users (admin+) to perform SQL attacks...

CVSS 7.2, AI score 7.7, EPSS 0.00534
Exploits: 1, References: 1
F5 Networks
added 2025/03/03 8:19 p.m., 7 views

K000150206: PostgreSQL vulnerabilities CVE-2019-10211, CVE-2017-7546, and CVE-2015-0244

Security Advisory Description. CVE-2019-10211: PostgreSQL Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from unprotected directory. CVE-2017-7546: PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerabl...

CVSS 9.8, AI score 8.4, EPSS 0.33122
Exploits: 0
Tenable Nessus
added 2025/03/03 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2006-4023

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ip2long function in PHP 5.1.4 and earlier may incorrectly validate an arbitrary string and return a valid network IP address, which allows remote attackers ...

CVSS 5, AI score 8.1, EPSS 0.00122
Exploits: 1, References: 2
FreeBSD
added 2025/02/13 12:0 a.m., 22 views

PostgreSQL -- PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation

The PostgreSQL Project reports: Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral, PQescapeIdentifier, PQescapeString, and PQescapeStringConn allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection...

CVSS 8.1, AI score 8, EPSS 0.82364
Exploits: 10, References: 1
RedhatCVE
added 2025/02/04 11:8 p.m., 9 views

CVE-2024-0359

A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username/password leads to SQL injection. The attack can be initiated remotely...

CVSS 9.8, AI score 9.8, EPSS 0.00045
Exploits: 1, References: 1
CVE
added 2025/01/18 1:0 p.m., 42 views

CVE-2025-0558

CVE-2025-0558 affects TDuckCloud tduck-platform up to 4.0. The vulnerability lies in the function QueryProThemeRequest (src/main/java/com/tduck/cloud/form/request/QueryProThemeRequest.java), where manipulation of the color parameter enables an SQL injection. Impact as described across sources: re...

CVSS 9.8, AI score 6.8, EPSS 0.00059
Exploits: 0, References: 4, Affected Software: 1
Vulnrichment
added 2022/12/26 12:28 p.m., 10 views

CVE-2022-4154 Contest Gallery Pro < 19.1.5 - Admin+ SQL Injection

The Contest Gallery Pro WordPress plugin before 19.1.5 does not escape the wpuserid GET parameter before concatenating it to an SQL query in management-show-user.php. This may allow malicious users with at least administrator privileges (i.e. on multisite WordPress configurations) to leak sensitive...

AI score 6.7, EPSS 0.00846
Exploits: 2, References: 2
securityvulns
added 2007/08/10 12:0 a.m., 89 views

CA.View/view-law.asp/view-info.asp sql injection

CA.View/view-law.asp/view-info.asp sql injection Credit : CodeXpLoder'tq mail : codexploderathotmaildotcom site : Biyosecurity.net,expw0rm.com thx : BiyoSecurityTeam all members thx 3APA3A spec.note : "Live The Life"...

AI score 0.5
Exploits: 0
Exploit DB
added 2003/12/16 12:0 a.m., 105 views

Aardvark Topsites < 4.1.0 - Multiple Vulnerabilities

Aardvark Topsites Multiple Vulnerabilities Vendor: Aardvark Industries Product: Aardvark Topsites Version: = 4.1.0 Website: http://www.aardvarkind.com/ BID: 9231 Description: Aardvark Topsites is a popular free PHP topsites script. See URL for details. Plaintext Database Pass Weakness: The login...

AI score 7
Exploits: 0