216205 matches found
CVE-2026-48842
Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuserquery plugin via a pregreplace backslash escape bypass...
CVE-2026-48842
Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuserquery plugin via a pregreplace backslash escape bypass...
EUVD-2026-31719
Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuserquery plugin via a pregreplace backslash escape bypass...
CVE-2026-48842
Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuserquery plugin via a pregreplace backslash escape bypass...
CVE-2026-48842
The CVE affects Roundcube Webmail 1.6.x ≤1.6.15 and 1.7.x ≤1.7.0, via the virtuser_query plugin, where a pre-authentication SQL injection is triggered by a backslash-escaped preg_replace() bypass. Root cause: input crafted to bypass escapes leads to SQL injection before authentication. Impact is ...
CVE-2026-9474
A vulnerability was found in yashpokharna2555 StudentManagementSystem up to cb2f558ddf8d19396de0f92abf2d224d46a0a203. Affected by this issue is the function confirmloggedin of the file /studentdel.php. The manipulation of the argument ID results in sql injection. The attack may be launched...
CVE-2026-27768
SQL Injection affecting the Access Manager role...
CVE-2026-9474
A vulnerability was found in yashpokharna2555 StudentManagementSystem up to cb2f558ddf8d19396de0f92abf2d224d46a0a203. Affected by this issue is the function confirmloggedin of the file /studentdel.php. The manipulation of the argument ID results in sql injection. The attack may be launched...
CVE-2026-9474 yashpokharna2555 StudentManagementSystem studentdel.php confirm_logged_in sql injection
A vulnerability was found in yashpokharna2555 StudentManagementSystem up to cb2f558ddf8d19396de0f92abf2d224d46a0a203. Affected by this issue is the function confirmloggedin of the file /studentdel.php. The manipulation of the argument ID results in sql injection. The attack may be launched...
CVE-2026-9474 yashpokharna2555 StudentManagementSystem studentdel.php confirm_logged_in sql injection
A vulnerability was found in yashpokharna2555 StudentManagementSystem up to cb2f558ddf8d19396de0f92abf2d224d46a0a203. Affected by this issue is the function confirmloggedin of the file /studentdel.php. The manipulation of the argument ID results in sql injection. The attack may be launched...
CVE-2026-9469
A weakness has been identified in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. The impacted element is an unknown function of the file /success.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. T...
CVE-2026-9470
A security vulnerability has been detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This affects the function confirmloggedin of the file studenttrans.php. Such manipulation of the argument FIRSTNAME/LastName/EMAIL leads to sql injection. It is possibl...
CVE-2026-27768
CVE-2026-27768 is a SQL Injection vulnerability affecting the Access Manager role. The CVSS 3.1 vector (NETWORK, HIGH complexity, HIGH privileges required, NONE user interaction) yields a base score of 6.6 (MEDIUM). The provided documents do not specify affected products/versions beyond attributi...
CVE-2026-27768
SQL Injection affecting the Access Manager role...
CVE-2026-9470 yashpokharna2555 StudentManagementSystem student_trans.php confirm_logged_in sql injection
A security vulnerability has been detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This affects the function confirmloggedin of the file studenttrans.php. Such manipulation of the argument FIRSTNAME/LastName/EMAIL leads to sql injection. It is possibl...
CVE-2026-9470
A security vulnerability has been detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This affects the function confirmloggedin of the file studenttrans.php. Such manipulation of the argument FIRSTNAME/LastName/EMAIL leads to sql injection. It is possibl...
CVE-2026-9470 yashpokharna2555 StudentManagementSystem student_trans.php confirm_logged_in sql injection
A security vulnerability has been detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This affects the function confirmloggedin of the file studenttrans.php. Such manipulation of the argument FIRSTNAME/LastName/EMAIL leads to sql injection. It is possibl...
CVE-2026-9465
A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/GetDBDataEx.jsp. Performing a manipulation of the argument strTBName results in sql injection. Remote exploitation of the attack is possible...
CVE-2018-25380
Joomla Component eXtroForms 2.1.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through the filtertypeid, filterpidid, and filtersearch parameters. Attackers can submit POST requests to the extroformfield view with malicious SQL...
CVE-2018-25381
Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can inject malicious SQL code via the filtertypeid, filterpidid, and filtersearch parameters in POST reques...