CVE-2025-60799

phpPgAdmin 7.13.0 and earlier contains an incorrect access control vulnerability in sql.php at lines 68-76. The application allows unauthorized manipulation of session variables by accepting user-controlled parameters 'subject', 'server', 'database', 'queryid' without proper validation or access...

Saurus CMS Community Edition 安全漏洞

Saurus CMS Community Edition is a content management system for Saurus individual developers. A security vulnerability exists in Saurus CMS Community Edition version 4.7.1, which stems from improper handling of SQL query parameters and could lead to SQL injection attacks...

WordPress plugin Altra Side Menu 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Sql injection

Multiple improper neutralization of SQL parameters in module AfterMail aftermailpresta for PrestaShop, before version 2.2.1, allows remote attackers to perform SQL injection attacks via idcustomer, idconf, idproduct and token parameters in aftermailajax.php via the 'idproduct' parameter in hooks...

Apache Linkis 代码问题漏洞

Apache Linkis is a library of the U.S. Apache Apache Foundation. Helps to easily connect various backend compute/storage engines. A code execution vulnerability exists in Apache Linkis 1.3.1 and earlier versions, which stems from a lack of valid filtered parameters, and can be exploited by an...

CVE-2011-1343

SQL injection vulnerability in the Web GUI in IBM Tivoli Netcool/OMNIbus before 7.3.0.4 allows remote attackers to execute arbitrary SQL commands via "dynamic SQL parameters."...