216337 matches found
CVE-2026-6080 Tutor LMS <= 3.9.8 - Authenticated (Admin+) SQL Injection via 'date' Parameter
The Tutor LMS plugin for WordPress is vulnerable to SQL Injection in versions up to and including 3.9.8. This is due to insufficient escaping on the 'date' parameter combined with direct interpolation into a SQL fragment before being passed to $wpdb-prepare. This makes it possible for authenticat...
CVE-2026-6080 Tutor LMS <= 3.9.8 - Authenticated (Admin+) SQL Injection via 'date' Parameter
The Tutor LMS plugin for WordPress is vulnerable to SQL Injection in versions up to and including 3.9.8. This is due to insufficient escaping on the 'date' parameter combined with direct interpolation into a SQL fragment before being passed to $wpdb-prepare. This makes it possible for authenticat...
CVE-2026-6080
The CVE describes a SQL Injection in the WordPress Tutor LMS plugin (versions ≤ 3.9.8). Root cause: insufficient escaping on the 'date' parameter and direct interpolation into a SQL fragment before $wpdb->prepare(), enabling authenticated Admin+ attackers to append extra SQL queries and extrac...
CVE-2026-3330
The Form Maker by 10Web plugin for WordPress is vulnerable to SQL Injection via the 'ipsearch', 'startdate', 'enddate', 'usernamesearch', and 'useremailsearch' parameters in all versions up to, and including, 1.15.40. This is due to the WDWFMLibrary::validatedata method calling stripslashes on us...
CVE-2026-3330 Form Maker by 10Web <= 1.15.40 - Authenticated (Administrator+) SQL Injection via 'ip_search' Parameter
The Form Maker by 10Web plugin for WordPress is vulnerable to SQL Injection via the 'ipsearch', 'startdate', 'enddate', 'usernamesearch', and 'useremailsearch' parameters in all versions up to, and including, 1.15.40. This is due to the WDWFMLibrary::validatedata method calling stripslashes on us...
CVE-2026-3330 Form Maker by 10Web <= 1.15.40 - Authenticated (Administrator+) SQL Injection via 'ip_search' Parameter
The Form Maker by 10Web plugin for WordPress is vulnerable to SQL Injection via the 'ipsearch', 'startdate', 'enddate', 'usernamesearch', and 'useremailsearch' parameters in all versions up to, and including, 1.15.40. This is due to the WDWFMLibrary::validatedata method calling stripslashes on us...
CVE-2026-3330
The Form Maker by 10Web WordPress plugin (prepare(). Authenticated attackers with Administrator+ access can inject additional SQL into existing queries to exfiltrate data. The vulnerability can be triggered via CSRF because the Submissions controller skips nonce verification for the display task....
CVE-2026-4817
The MasterStudy LMS WordPress Plugin for Online Courses and Education plugin for WordPress is vulnerable to Time-based Blind SQL Injection via the 'order' and 'orderby' parameters in the /lms/stm-lms/order/items REST API endpoint in versions up to and including 3.7.25. This is due to insufficient...
WordPress Tutor LMS plugin <= 3.9.8 - Authenticated (Admin+) SQL Injection via 'date' Parameter vulnerability
Authenticated Admin+ SQL Injection via 'date' Parameter vulnerability discovered by PRISM in WordPress Plugin Tutor LMS versions = 3.9.8...
WordPress Form Maker by 10Web plugin <= 1.15.40 - Authenticated (Administrator+) SQL Injection via 'ip_search' Parameter vulnerability
Authenticated Administrator+ SQL Injection via 'ipsearch' Parameter vulnerability discovered by Sein Linn in WordPress Plugin Form Maker by 10Web versions = 1.15.40...
CVE-2026-4817 MasterStudy LMS <= 3.7.25 - Authenticated (Subscriber+) Time-based Blind SQL Injection via 'order' and 'orderby' Parameters
The MasterStudy LMS WordPress Plugin for Online Courses and Education plugin for WordPress is vulnerable to Time-based Blind SQL Injection via the 'order' and 'orderby' parameters in the /lms/stm-lms/order/items REST API endpoint in versions up to and including 3.7.25. This is due to insufficient...
CVE-2026-4817
The MasterStudy LMS WordPress Plugin for Online Courses and Education plugin for WordPress is vulnerable to Time-based Blind SQL Injection via the 'order' and 'orderby' parameters in the /lms/stm-lms/order/items REST API endpoint in versions up to and including 3.7.25. This is due to insufficient...
WeGIA 安全漏洞
WeGIA is a network manager for the welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.10 contained security vulnerabilities, which were caused by improper handling of the cpfusuario parameter in the dao/memorando/UsuarioDAO.php file. This improper handling could lead...
PT-2026-33513
Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.6.10 Description An issue exists in the dao/memorando/UsuarioDAO.php file where the cpf usuario POST parameter overwrites the session-stored user identity through the extract$ REQUEST function in...
CVE-2026-37749
A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php...
CVE-2026-37749
A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php...
PT-2026-33409
An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product...
CVE-2026-37749
CodeAstro Simple Attendance Management System v1.0 is affected by a SQL injection in index.php via the username parameter, enabling remote unauthenticated attackers to bypass login and gain admin access. Root cause: direct interpolation of user input into the SQL query without proper escaping or ...
PT-2026-37121
Name of the Vulnerable Software and Affected Versions praisonai versions prior to 4.6.9 praisonaiagents versions prior to 1.6.9 Description Multiple backends in the multi-agent teams system fail to validate input, leading to arbitrary SQL execution. Specifically, nine backends—MySQL, PostgreSQL,...
PT-2026-33449
Name of the Vulnerable Software and Affected Versions QueryMine sms versions up to 7ab5a9ea196209611134525ffc18de25c57d9593 Description Remote SQL injection is possible via the GET Request Parameter Handler in the 'admin/editcourse.php' file. The issue occurs when the ID argument is manipulated,...