PT-2026-45405

A vulnerability was identified in itsourcecode Content Management System 1.0. This vulnerability affects unknown code of the file /save comment.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and...

Itsourcecode Online House Rental System SQL Injection Vulnerability

itsourcecode Online House Rental System is an open-source online housing rental system developed by itsourcecode. Version 1.0 of the itsourcecode Online House Rental System has a SQL injection vulnerability. This vulnerability arises from improper handling of parameter IDs in the...

PT-2026-45459

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Wp Directory Kit WP Directory Kit allows Blind SQL Injection. This issue affects WP Directory Kit: from n/a through 1.5.1...

PT-2026-45621

Paroiciel 11.20 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the eGeqIdEquipe parameter. Attackers can send GET requests to the egeq.php endpoint with crafted SQL payloads to extract sensitive...

PT-2026-45625

WP AutoSuggest 0.24 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wpas keys parameter. Attackers can send GET requests to autosuggest.php with crafted wpas keys values to extract sensitive...

NextCloud SQL Injection Vulnerability

Nextcloud is an open-source, self-hosted communication platform for file synchronization and sharing developed by the German company Nextcloud. Versions of Nextcloud from 0.9.0 to 0.9.7, as well as versions from 1.0.0 to 1.0.2, had a SQL injection vulnerability. This vulnerability stemmed from...

ITSsourcecode Content Management System SQL Injection Vulnerability

itsourcecode Content Management System is an open-source content management system developed by itsourcecode. Version 1.0 of the itsourcecode Content Management System has a SQL injection vulnerability. This vulnerability arises from improper handling of the topicid parameter in the file...

PT-2026-45407

A weakness has been identified in itsourcecode Content Management System 1.0. Impacted is an unknown function of the file /admin/add sub topic.php. This manipulation of the argument topic id causes sql injection. The attack is possible to be carried out remotely. The exploit has been made availab...

PT-2026-45551

A vulnerability was found in CodeAstro Payroll System 1.0. This affects an unknown part of the file /home employee.php. The manipulation of the argument emp id results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...

Drupal Core 10.5.5 - Error-Based SQL Injection

Exploit Title: Drupal Core 10.5.5 - Error-Based SQL Injection Google Dork: N/A Date: 2026-05-31 Exploit Author: cardosource Vendor Homepage: https://www.drupal.org Software Link: https://www.drupal.org/project/drupal Version: Drupal Core 10.5.5 Tested on: Debian Linux Docker, PHP 8.2, Apache,...

SourceCodester Computer Repair Shop Management System SQL Injection Vulnerability

SourceCodester Computer Repair Shop Management System is an open-source computer repair workshop management system developed by SourceCodester. Versions of the SourceCodester Computer Repair Shop Management System prior to version 1.0 contained SQL injection vulnerabilities. These vulnerabilities...

PT-2026-45640

A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown part of the file /manage course.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used...

Pixa Bank SQL Injection Vulnerability

Pixa Bank is an integrated AI visual creation workspace provided by Pixa Corporation. Version 2.0 of Pixa Bank has a SQL injection vulnerability. This vulnerability stems from the injection of SQL code using the rib parameter, which may allow unauthorized attackers to extract sensitive user...

PT-2026-45260

Name of the Vulnerable Software and Affected Versions OTRS versions 7.0.x through 2026.3.x OTRS Community Edition version 6.0.x Description Improper input validation in the database layer module allows an unauthenticated SQL injection, which can lead to an authentication bypass. This enables...

Code-Projects Online Hospital Management System SQL Injection Vulnerability

Code-Projects Online Hospital Management System is an open-source online hospital management system developed by Code-Projects. The 1.php version of the Code-Projects Online Hospital Management System has a SQL injection vulnerability. This vulnerability stems from improper handling of the Userna...

SourceCodester Water Billing Management System SQL Injection Vulnerability

The SourceCodester Water Billing Management System is an open-source water billing management system developed by SourceCodester. Version 1.0 of the SourceCodester Water Billing Management System contains a SQL injection vulnerability. This vulnerability stems from incorrect parameter handling in...

ITSsourcecode Content Management System SQL Injection Vulnerability

itsourcecode Content Management System is an open-source content management system developed by itsourcecode. Version 1.0 of the itsourcecode Content Management System has a SQL injection vulnerability. This vulnerability stems from improper handling of the topicid parameter in the file...

PT-2026-45622

No-Cms 1.0 contains an SQL injection vulnerability in the order by parameter of the manage privilege export endpoint that allows authenticated attackers to manipulate database queries. Attackers can submit POST requests to /nocms/main/manage privilege/index/export with malicious SQL code in the...

PT-2026-45620

Paroiciel 11.20 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the zProIdPro parameter. Attackers can send GET requests to zpro.php with crafted SQL payloads in the zProIdPro parameter to extract...

OTRS security vulnerabilities

OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in OTRS versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X up to version 2026.4.X, as well as in the Community Edition 6.0.x version. These vulnerabilities stem from improper input validation ...