216518 matches found
CVE-2026-27681 SQL Injection vulnerability in SAP Business Planning and Consolidation and SAP Business Warehouse
Due to insufficient authorization checks in SAP Business Planning and Consolidation and SAP Business Warehouse, an authenticated user can execute crafted SQL statements to read, modify, and delete database data. This leads to a high impact on the confidentiality, integrity, and availability of th...
EUVD-2026-22075
Craft Commerce has a SQL Injection can lead to Remote Code Execution via TotalRevenue Widget...
GHSA-875V-7M49-8X88 Craft Commerce has a SQL Injection can lead to Remote Code Execution via TotalRevenue Widget
Summary A SQL injection in the Commerce TotalRevenue widget can lead to remote code execution through a chain of four vulnerabilities: SQL Injection -- The TotalRevenue stat interpolates unsanitized widget settings directly into a sprintf-based SQL Expression. Any control panel user can create an...
Craft Commerce has a SQL Injection can lead to Remote Code Execution via TotalRevenue Widget
Summary A SQL injection in the Commerce TotalRevenue widget can lead to remote code execution through a chain of four vulnerabilities: SQL Injection -- The TotalRevenue stat interpolates unsanitized widget settings directly into a sprintf-based SQL Expression. Any control panel user can create an...
EUVD-2026-22077
Craft Commerce hasVariant/hasProduct Blind SQL Injection...
PT-2026-32641
CVE-2026-37601 SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manage appointment.php. https://t.co/UmuQdNNj6l...
CVE-2025-65133
A SQL injection vulnerability exists in the School Management System version 1.0 by manikandan580. An unauthenticated or authenticated remote attacker can supply a crafted HTTP request to the affected endpoint to manipulate SQL query logic and extract sensitive database information...
PT-2026-32640
CVE-2026-37600 SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/view details.php. https://t.co/uQ5V37C8xd...
CVE-2026-37590
SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/rents/managerent.php...
CVE-2026-37601
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manageappointment.php...
CVE-2026-37600
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/viewdetails.php...
CVE-2026-37595
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/manageemployee.php...
CVE-2026-37592
Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL in the file /storage/admin/maintenance/managepricing.php...
CVE-2026-37591
Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/viewdetails.php...
CVE-2026-37589
SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/maintenance/managestorageunit.php...
CVE-2026-37600
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/viewdetails.php...
CVE-2026-37596
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/managedepartment.php...
CVE-2026-37593
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/viewatt.php...
CVE-2026-37589
SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/maintenance/managestorageunit.php...
CVE-2026-38528
Krayin CRM v2.2.x was discovered to contain a SQL injection vulnerability via the rottenlead parameter at /Lead/LeadDataGrid.php...