6 matches found
EUVD-2023-53929
Malicious code in bioql PyPI...
CVE-2025-54790 Files: Potential for SQL Injection through File Browse and List Operations
Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, Files does not have logic to prevent the exploitation of backend SQL queries without direct output, potentially allowing unauthorized data access. This is fixed in version 0.16.10...
ROS-20241212-22
The vulnerability in the addRelatedObjects function of the Zabbix universal monitoring system is related to a failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges by...
PT-2023-8392 · Nginx-Ui · Nginx-Ui
Name of the Vulnerable Software and Affected Versions: Nginx-UI versions prior to 2.0.0.beta.9
Description: The issue is related to a lack of protection against SQL query structure exploitation in the Nginx UI server. This may allow a remote attacker to gain unauthorized access to protected...
PT-2022-25916 · WordPress · Contest Gallery Pro +1
Name of the Vulnerable Software and Affected Versions:
Contest Gallery WordPress plugin versions prior to 19.1.5.1
Contest Gallery Pro WordPress plugin versions prior to 19.1.5.1
Description: The issue allows malicious users with at least author privilege to leak sensitive information from the...
Ingenium Learning Management System 5.1/6.1 - Reversible Password Hash
source: https://www.securityfocus.com/bid/5970/info
Ingenium Learning Management System uses a weak algorithm to hash user and administrative credentials. Passwords may be trivially obtained by reversing the password hash. An attacker must be able to gain unauthorized access to the password hashe...