216205 matches found
CVE-2018-25372
MedDream PACS Server Premium 6.7.1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the email parameter. Attackers can submit crafted POST requests to the userSignup.php endpoint with SQL payloads ...
CVE-2018-25364
Twitter-Clone 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the name parameter. Attackers can submit crafted payloads to the search.php endpoint to extract database information including username...
CVE-2018-25362
Twitter-Clone 1 contains a SQL injection vulnerability in follow.php that allows attackers to manipulate database queries by injecting SQL code through the userid parameter. Attackers can submit union-based or time-based blind SQL injection payloads to extract sensitive database information...
CVE-2026-9469
CVE-2026-9469 describes a SQL injection in yashpokharna2555 StudentManagementSystem, affecting an unknown function in /success.php where manipulating the User argument enables remote exploitation. The exploit is publicly available. The advisory notes a rolling-release workflow with no version det...
CVE-2026-9469 yashpokharna2555 StudentManagementSystem success.php sql injection
A weakness has been identified in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. The impacted element is an unknown function of the file /success.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. T...
EUVD-2026-31701
A weakness has been identified in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. The impacted element is an unknown function of the file /success.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. T...
CVE-2026-9469
A weakness has been identified in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. The impacted element is an unknown function of the file /success.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. T...
CVE-2026-9469 yashpokharna2555 StudentManagementSystem success.php sql injection
A weakness has been identified in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. The impacted element is an unknown function of the file /success.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. T...
CVE-2026-9465 Tiandy Easy7 Integrated Management Platform GetDBDataEx.jsp sql injection
A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/GetDBDataEx.jsp. Performing a manipulation of the argument strTBName results in sql injection. Remote exploitation of the attack is possible...
CVE-2026-9465 Tiandy Easy7 Integrated Management Platform GetDBDataEx.jsp sql injection
A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/GetDBDataEx.jsp. Performing a manipulation of the argument strTBName results in sql injection. Remote exploitation of the attack is possible...
CVE-2026-9465
CVE-2026-9465 affects Tiandy Easy7 Integrated Management Platform 7.17.0. The vulnerability is in unknown code of /Easy7/apps/WebService/GetDBDataEx.jsp, where manipulating the argument strTBName results in SQL injection. Remote exploitation is possible and the exploit has been made public. The v...
EUVD-2018-21903
Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can inject malicious SQL code via the filtertypeid, filterpidid, and filtersearch parameters in POST reques...
CVE-2018-25381
Joomla Responsive Portfolio 1.6.1 is affected by an SQL injection via POST parameters filter_type_id, filter_pid_id, and filter_search. The vulnerability allows authenticated attackers to execute arbitrary SQL commands and potentially extract credentials and server details. Reported CVSS v4.0/bas...
CVE-2018-25379 Collectric CMU 1.0 SQL Injection via lang Parameter
Collectric CMU 1.0 contains a boolean-based blind SQL injection vulnerability in the lang parameter that allows unauthenticated attackers to manipulate database queries during authentication. Attackers can inject SQL code through the lang parameter in login requests to extract sensitive informati...
CVE-2018-25379
Collectric CMU 1.0 contains a boolean-based blind SQL injection vulnerability in the lang parameter that allows unauthenticated attackers to manipulate database queries during authentication. Attackers can inject SQL code through the lang parameter in login requests to extract sensitive informati...
CVE-2018-25380 Joomla Component eXtroForms 2.1.5 SQL Injection via filter parameters
Joomla Component eXtroForms 2.1.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through the filtertypeid, filterpidid, and filtersearch parameters. Attackers can submit POST requests to the extroformfield view with malicious SQL...
EUVD-2018-21901
Joomla Component eXtroForms 2.1.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through the filtertypeid, filterpidid, and filtersearch parameters. Attackers can submit POST requests to the extroformfield view with malicious SQL...
CVE-2018-25379
CVE-2018-25379 affects Collectric CMU 1.0 and describes a boolean-based blind SQL injection in the login flow through the lang parameter. The vulnerability allows unauthenticated attackers to influence database queries during authentication, enabling extraction of sensitive data via time-based bl...
CVE-2018-25380 Joomla Component eXtroForms 2.1.5 SQL Injection via filter parameters
Joomla Component eXtroForms 2.1.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through the filtertypeid, filterpidid, and filtersearch parameters. Attackers can submit POST requests to the extroformfield view with malicious SQL...
CVE-2018-25380
Joomla Component eXtroForms 2.1.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through the filtertypeid, filterpidid, and filtersearch parameters. Attackers can submit POST requests to the extroformfield view with malicious SQL...