Lucene search
K

216733 matches found

NVD
NVD
added 2026/03/13 7:55 p.m.4 views

CVE-2026-32422

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in levelfourdevelopment WP EasyCart wp-easycart allows Blind SQL Injection.This issue affects WP EasyCart: from n/a through = 5.8.13...

8.5CVSS0.00228EPSS
Exploits0References1
NVD
NVD
added 2026/03/13 7:54 p.m.4 views

CVE-2026-32418

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Jordy Meow Meow Gallery meow-gallery allows Blind SQL Injection.This issue affects Meow Gallery: from n/a through = 5.4.4...

7.6CVSS0.00291EPSS
Exploits0References1
NVD
NVD
added 2026/03/13 7:54 p.m.4 views

CVE-2026-32399

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Blind SQL Injection.This issue affects Media LIbrary Assistant: from n/a through = 3.32...

8.5CVSS0.00228EPSS
Exploits0References1
NVD
NVD
added 2026/03/13 7:54 p.m.4 views

CVE-2026-32368

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in delphiknight Geo to Lat geo-to-lat allows Blind SQL Injection.This issue affects Geo to Lat: from n/a through = 1.0.19...

8.5CVSS0.00228EPSS
Exploits0References1
NVD
NVD
added 2026/03/13 7:54 p.m.8 views

CVE-2026-32366

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in robfelty Collapsing Categories collapsing-categories allows Blind SQL Injection.This issue affects Collapsing Categories: from n/a through = 3.0.9...

8.5CVSS0.00228EPSS
Exploits0References1
NVD
NVD
added 2026/03/13 7:54 p.m.3 views

CVE-2026-32365

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in robfelty Collapsing Archives collapsing-archives allows Blind SQL Injection.This issue affects Collapsing Archives: from n/a through = 3.0.7...

8.5CVSS0.00272EPSS
Exploits0References1
NVD
NVD
added 2026/03/13 7:54 p.m.2 views

CVE-2026-32358

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpdevelop Booking Calendar booking allows Blind SQL Injection.This issue affects Booking Calendar: from n/a through = 10.14.15...

7.6CVSS0.00291EPSS
Exploits0References1
NVD
NVD
added 2026/03/13 7:54 p.m.3 views

CVE-2026-31922

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ays Pro Fox LMS fox-lms allows Blind SQL Injection.This issue affects Fox LMS: from n/a through = 1.0.6.3...

8.5CVSS0.00215EPSS
Exploits0References1
NVD
NVD
added 2026/03/13 7:54 p.m.9 views

CVE-2026-31917

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through = 1.16.10...

8.5CVSS0.00308EPSS
Exploits0References1
NVD
NVD
added 2026/03/13 7:54 p.m.3 views

CVE-2026-25076

Anchore Enterprise versions before 5.25.1 contain an SQL injection vulnerability in the GraphQL Reports API. An authenticated attacker that is able to access the GraphQL API could execute arbitrary SQL instructions resulting in modifications to the data contained in the Anchore Enterprise databas...

8.5CVSS0.00317EPSS
Exploits0References3
NVD
NVD
added 2026/03/13 7:54 p.m.4 views

CVE-2026-22193

wpDiscuz before 7.6.47 contains an SQL injection vulnerability in the getAllSubscriptions function where string parameters lack proper quote escaping in SQL queries. Attackers can inject malicious SQL code through email, activationkey, subscriptiondate, and importedfrom parameters to manipulate...

9.2CVSS0.00305EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/13 7:35 p.m.6 views

CVE-2025-36368 IBM Sterling B2B Integrator and IBM Sterling File Gateway SQL Injection

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, and 6.2.1.0 through 6.2.1.11 are vulnerable to SQL injection. An administrative user could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or...

6.5CVSS5.9AI score0.00314EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/13 7:35 p.m.28 views

CVE-2025-36368 IBM Sterling B2B Integrator and IBM Sterling File Gateway SQL Injection

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, and 6.2.1.0 through 6.2.1.11 are vulnerable to SQL injection. An administrative user could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or...

6.5CVSS0.00314EPSS
Exploits0References1
OSV
OSV
added 2026/03/13 12:28 p.m.4 views

BIT-PARSE-2026-31871 Parse Server has a SQL Injection via dot-notation sub-key name in `Increment` operation on PostgreSQL

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0 and 8.6.31, a SQL injection vulnerability exists in the PostgreSQL storage adapter when processing Increment operations on nested object fields using dot notation e.g.,...

9.8CVSS6AI score0.00418EPSS
Exploits0References4
OSV
OSV
added 2026/03/13 12:28 p.m.2 views

BIT-PARSE-2026-31856 Parse Server has a SQL injection via `Increment` operation on nested object field in PostgreSQL

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A SQL injection vulnerability exists in the PostgreSQL storage adapter when processing Increment operations on nested object fields using dot notation e.g., stats.counter. The amount value is...

9.8CVSS5.9AI score0.00418EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/13 11:42 a.m.26 views

CVE-2026-32459 WordPress UpsellWP plugin <= 2.2.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Blind SQL Injection.This issue affects UpsellWP: from n/a through = 2.2.4...

7.6CVSS0.00222EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/13 11:42 a.m.4 views

CVE-2026-32458

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 WOLF bulk-editor allows Blind SQL Injection.This issue affects WOLF: from n/a through = 1.0.8.7...

5.8AI score0.00224EPSS
Exploits0References2
CVE
CVE
added 2026/03/13 11:42 a.m.10 views

CVE-2026-32459

The CVE describes an SQL Injection vulnerability (blind) in the WordPress UpsellWP plugin (checkout-upsell-and-order-bumps) affecting versions up to 2.2.4. Root cause: improper neutralization of special elements used in SQL commands. Impact stated as Blind SQL Injection, but no exploitation detai...

8.5CVSS5.8AI score0.00222EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/13 11:42 a.m.26 views

CVE-2026-32458 WordPress WOLF plugin <= 1.0.8.7 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 WOLF bulk-editor allows Blind SQL Injection.This issue affects WOLF: from n/a through = 1.0.8.7...

7.6CVSS0.00224EPSS
Exploits0References1
CVE
CVE
added 2026/03/13 11:42 a.m.15 views

CVE-2026-32458

The CVE details an SQL Injection vulnerability in the WordPress WOLF plugin (RealMag777 WOLF bulk-editor) affecting versions up to 1.0.8.7. The issue is described as an improper neutralization of special elements used in an SQL command, enabling Blind SQL Injection. No exploit specifics or affect...

7.6CVSS5.8AI score0.00224EPSS
Exploits0References1
Rows per page
Query Builder