CVE-2026-44680 MikroORM: SQL injection via runtime-controlled identifiers and JSON-path keys

MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patterns. Prior to @mikro-orm/knex 6.6.14 and @mikro-orm/sql 7.0.14, MikroORM's identifier-quoting helper Platform.quoteIdentifier and the postgres/mssql overrides and its JSON-path emitters...

EUVD-2026-31893

MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patterns. Prior to @mikro-orm/knex 6.6.14 and @mikro-orm/sql 7.0.14, MikroORM's identifier-quoting helper Platform.quoteIdentifier and the postgres/mssql overrides and its JSON-path emitters...

CVE-2019-12163

GAT-Ship Web Module through 1.30 allows remote attackers to obtain potentially sensitive information via in a ws/gatshipWs.asmx/SqlVersion request...

Microsoft SQL Server Clr Stored Procedure Payload Execution Exploit

Exploit for windows platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Microsoft SQL Server Clr Stored Procedure Payload Execution',...

Upgrade to Veeam Backup & Replication 9.5 fails with "Unsupported SQL Version"

Upgrade to Veeam Backup & Replication 9.5 you receive the error "Unsupported SQL Version"...

FocusAbacus Estate - Remote SQL Injection Vulnerability

Exploit for php platform in category web applications FocusAbacus Estate - Remote SQL Injection Vulnerability 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by...

Digital Attic SQL Injection

Title : Digital Attic SQL Injection Vulnerability Vendor Link: : http://www.digitalattic.com/ Author : tempemendoan Contact : anu :D Google Dork : inurl:"gorengan tempe" intext:"CMS by Digital Attic" === POC === ? http://website/index.php?id=SQL Note : SQL Versi =4.1 Login : http://website/cp/...

jSchool Advanced Blind SQL Injection

----------------------------------------------------------------------- jSchool Advanced Blind SQL Injection Vulnerability ----------------------------------------------------------------------- Author : Don Tukulesto [email protected] Site : http://indonesiancoder.com Vendor :...

Open Bulletin Board Multiple Blind Sql Injection Vulnerability

No description provided by source. Open Bulletin Board Multiple Blind Sql Injection Vulnerability ============================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Team : Sec Attack Team .:. Home : www.sec-attack.com/vb .:. Script : Open Bulletin Board ....

GomyeCMS V4. 7 universal login vulnerability-vulnerability warning-the black bar safety net

Author:Zake 2009/10/18 Long time no write technical articles, momentary excitement JJ cocked, so wrote the following article! The author of the program the company website at Preface: Yours truly learning the SQL language is not very long, and if there are what statement to write the wrong heroes...

Firebird SQL 'op_connect_request' Denial Of Service Vulnerability (Windows)

The host is running Firebird and is prone to Denial of Service Vulnerability. OpenVAS Vulnerability Test $Id: gbfirebirddosvulnwin.nasl 4865 2016-12-28 16:16:43Z teissa $ Firebird SQL 'opconnectrequest' Denial Of Service Vulnerability Windows Authors: Sharath S Copyright: Copyright c 2009 Greenbo...

SaturnCMS (view) Blind SQL Injection Vulnerability

No description provided by source. SaturnCMS view Blind SQL Injection Vulnerability Author: Hussin X Home :IQ-SecuriTY www.IQ-TY.com | TrYaG www.TrYaG.cc Mail : [email protected] script : http://www.saturncms.com/download Demo : http://demo.saturncms.com/gallery/web/view/22 true & false...

SFS EZ Pub Site - SQL Injection

SFS EZ Pub Site - SQL Injection / / \ / / / / / / / / / / / /\ / / / / / / / / / / / / / / \ / // // / / / / // // / // / / / / / / / // / / / / / / //, / // //,/// // // /,// // // // Discovered by : Hakxer Type Gap : SQL Injection Script : SFS EZ Pub Site Greetz : Allah , Egyptian x...

interdynamic-sql.txt

. . | / | | \ \ | / / |\ \ \ |/ // / /\ \ / |/ \ / // | / | | / \ /|\ / / / / \ / \ / / / \ | | /\ /\ / \ | \ // est.2007 / / forum.darkc0de.com -d3hydr8 - sinner01 - baltazar - P47r1ck - C1c4Tr1Z - beenu -rsauron - letsgorun - K1u - DON - OutLawz - MAGE -JeTFyrE -r45c4l -Bond...

neotericuk-sql.txt

. . | / | | \ \ | / / |\ \ \ |/ // / /\ \ / |/ \ / // | / | | / \ /|\ / / / / \ / \ / / / \ | | /\ /\ / \ | \ // est.2007 / / forum.darkc0de.com -d3hydr8 - sinner01 - baltazar - P47r1ck - C1c4Tr1Z - beenu -rsauron - letsgorun - K1u - DON - OutLawz - MAGE -JeTFyrE -r45c4l -Bond...

About the database the simple intrusion and rogue damage-vulnerability warning-the black bar safety net

For domestic and foreign a lot of news, BBS and e-Commerce site using ASP+SQL design, and write an ASP programmer many many have just graduated, so, ASP+SQL attack success rate is relatively high. This type of attack method with the NT version and SQL version is not much relationship, there is no...

Gossamer Threads Links 2.x - 'User.cgi' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13484/info Gossamer Threads Links is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in t...

Gossamer Threads Links 2.x - User.cgi Cross-Site Scripting

Gossamer Threads Links 2.x - User.cgi Cross-Site Scripting source: https://www.securityfocus.com/bid/13484/info Gossamer Threads Links is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may...