EUVD-2025-23548

Malicious code in bioql PyPI...

EUVD-2021-28264

Malicious code in bioql PyPI...

EUVD-2022-37776

Malicious code in bioql PyPI...

EUVD-2022-28963

Malicious code in bioql PyPI...

EUVD-2022-28966

Malicious code in bioql PyPI...

EUVD-2022-24591

Malicious code in bioql PyPI...

EUVD-2024-48287

Malicious code in bioql PyPI...

EUVD-2022-28965

Malicious code in bioql PyPI...

WordPress plugin Coupon API SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

Advantive Veracore < 2025.1.1.3 SQL Injection

Advantive Veracore version prior to 2025.1.1.3 is vulnerable to SQL Injection in timeoutWarning.asp functionality, allowing attackers to execute arbitrary SQL queries via the PmSess1 parameter. No source data...

CVE-2025-54554

CVE-2025-54554 affects Tera Insights tiCrypt (tiaudit component) prior to 2025-07-17. The vulnerability allows unauthenticated REST API requests that disclose sensitive information about underlying SQL queries and database structure. Reported across multiple feeds (Red Hat, PT Security, CVE lists...

CVE-2025-54554

tiaudit in Tera Insights tiCrypt before 2025-07-17 allows unauthenticated REST API requests that reveal sensitive information about the underlying SQL queries and database structure...

CVE-2013-10033 Kimai 0.9.2 db_restore.php SQL Injection

An unauthenticated SQL injection vulnerability exists in Kimai version 0.9.2.x via the dbrestore.php endpoint. The flaw allows attackers to inject arbitrary SQL queries into the dates POST parameter, enabling file write via INTO OUTFILE under specific environmental conditions. This can lead to...

GO-2025-3827 eKuiper API endpoints handling SQL queries with user-controlled table names. in github.com/lf-edge/ekuiper

eKuiper API endpoints handling SQL queries with user-controlled table names. in github.com/lf-edge/ekuiper...

CVE-2025-54061 WeGIASQL Injection (Blind Time-Based) Vulnerability in idatendido_familiares Parameter on dependente_editarDoc.php Endpoint

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the idatendidofamiliares parameter of the /html/funcionario/dependenteeditarDoc.php endpoint. This vulnerability allo...

CVE-2025-40735

A vulnerability has been identified in SINEC NMS All versions V4.0. The affected devices are vulnerable to SQL injection. This could allow an unauthenticated remote attacker to execute arbitrary SQL queries on the server database...

CVE-2025-34038 Weaver E-cology SQL Injection

A SQL injection vulnerability exists in Weaver E-cology 8.0 via the getdata.jsp endpoint. The application directly passes unsanitized user input from the sql parameter into a database query within the getSelectAllIdssql, type method, reachable through the cmd=getSelectAllId workflow in the...

CVE-2025-46179

A SQL Injection vulnerability was discovered in the askquery.php file of CloudClassroom-PHP Project v1.0. The squeryx parameter accepts unsanitized input, which is passed directly into backend SQL queries...

CVE-2025-46179

A SQL Injection vulnerability was discovered in the askquery.php file of CloudClassroom-PHP Project v1.0. The squeryx parameter accepts unsanitized input, which is passed directly into backend SQL queries...

BIT-MARIADB-MIN-2022-24052

MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the...