eBrigade ERP SQL注入漏洞

eBrigade ERP is a comprehensive business system for enterprise resource planning management developed by the French company eBrigade. Version 4.5 of eBrigade ERP contains a SQL injection vulnerability, which stems from insufficient input validation for the id parameter in the pdf.php file. This...

Exploit for SQL Injection in Facturascripts

CVE-2026-25514: FacturaScripts has SQL Injection in Autocomple...

Exploit for Improper Neutralization of Special Elements in Data Query Logic in Facturascripts

CVE-2026-25513: FacturaScripts has SQL Injection in API ORDER...

Exploit for SQL Injection in Devcode Openstamanager

CVE-2026-24419: OpenSTAManager has a SQL Injection in the Prim...

Exploit for SQL Injection in Devcode Openstamanager

CVE-2026-24418: OpenSTAManager has a SQL Injection vulnerabili...

Exploit for SQL Injection in Devcode Openstamanager

CVE-2026-24417: OpenSTAManager has a Time-Based Blind SQL Inje...

Exploit for SQL Injection in Devcode Openstamanager

CVE-2026-24416: OpenSTAManager has a Time-Based Blind SQL Inje...

Exploit for SQL Injection in Devcode Openstamanager

CVE-2025-69214: OpenSTAManager has a SQL Injection in ajaxsel...

Exploit for SQL Injection in Devcode Openstamanager

CVE-2025-69213: OpenSTAManager has a SQL Injection in ajaxcom...

Exploit for SQL Injection in Devcode Openstamanager

CVE-2025-69216: OpenSTAManager has a SQL Injection in Scadenza...

Exploit for SQL Injection in Wbce Wbce_Cms

CVE-2025-65950: WBCE CMS is Vulnerable to Time-Based Blind SQL...

Exploit for SQL Injection in Churchcrm

CVE-2025-68400: ChurchCRM vulnerable to time-based blind SQL I...

EUVD-2026-21660

The LifterLMS plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 9.2.1. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2026-5207

The LifterLMS plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 9.2.1. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2026-5207

The LifterLMS plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 9.2.1. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2026-5207 LifterLMS <= 9.2.1 - Authenticated (Custom+) SQL Injection via 'order' Parameter

The LifterLMS plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 9.2.1. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

SQL Injection

Overview @saltcorn/data is a Data models for Saltcorn, open-source no-code platform Affected versions of this package are vulnerable to SQL Injection via the Literal function. An attacker can execute arbitrary SQL commands, manipulate database schema, or exfiltrate data by injecting crafted input...

CVE-2026-39497

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 FOX woocommerce-currency-switcher allows Blind SQL Injection.This issue affects FOX: from n/a through = 1.4.5...

CVE-2026-39487

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ameliabooking Amelia ameliabooking allows Blind SQL Injection.This issue affects Amelia: from n/a through = 2.1.1...

CVE-2026-39495

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Blind SQL Injection.This issue affects Simply Schedule Appointments: from n/a through = 1.6.9.27...