CVE-2026-41640 NocoBase Vulnerable to SQL Injection via String Concatenation in Recursive Eager Loading

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the queryParentSQL function in the core database package constructs a recursive CTE query by joining nodeIds with string concatenation instead of using...

SUSE CVE-2026-44331

In ProFTPD through 1.3.9a before 7666224, a SQL injection vulnerability in sqltabfetchclientscb in contrib/modwrap2sql.c allows a remote attacker to inject arbitrary SQL commands via a crafted domain name that is accessed in a reverse DNS lookup. When "UseReverseDNS on" is enabled, the...

Nocobase SQL注入漏洞

Nocobase is an open-source low-code platform developed by NocoBase. Versions of NocoBase prior to 2.0.39 contained a SQL injection vulnerability. This vulnerability stemmed from the use of string concatenation rather than parameterized queries in the queryParentSQL function, which allowed for the...

Dagster SQL注入漏洞

Dagster is an open-source orchestration platform developed by Dagster for developing, producing, and monitoring data assets. Versions of Dagster prior to 1.13.1 and Dagster libraries prior to 0.29.1 have a SQL injection vulnerability. This vulnerability arises from the fact that DuckDB, Snowflake...

XATABoost CMS SQL Injection Vulnerability

XATABoost CMS is a content management system from XATABoost that provides website content publishing and management functions. A SQL injection vulnerability exists in XATABoost CMS version 1.0.0. The vulnerability stems from the application's lack of validation of externally entered SQL statement...

WordPress plugin BetterDocs Pro SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

YesWiki SQL注入漏洞

YesWiki is a wiki system built with PHP, developed by the French organization YesWiki. It is used for creating and managing websites in a collaborative manner. Versions of YesWiki prior to 4.6.1 had a SQL injection vulnerability. This vulnerability stemmed from the direct concatenation of the...

ChestnutCMS 安全漏洞

ChestnutCMS is an enterprise-level content management system developed by liweiyi, featuring a front-end and back-end separation. Version 1.5.10 of ChestnutCMS contains a security vulnerability. This vulnerability stems from the fact that the content parameter of the cmscontent tag can be...

daptin SQL注入漏洞

Daptin is an open-source content management system developed by Daptin developers. Versions of Daptin prior to 0.11.5 had a SQL injection vulnerability. This vulnerability stemmed from the processFuzzySearch function, which splits the column parameters provided by the user using commas and insert...

CodeAstro Online Classroom 注入漏洞

CodeAstro Online Classroom is an online classroom platform provided by CodeAstro Inc. Version 1.0 of CodeAstro Online Classroom has a injection vulnerability; this vulnerability stems from the operation of the parameter squeryx in the file/askquery.php, which may lead to SQL injection attacks...

Code-Projects Feedback System 注入漏洞

Code-Projects Feedback System is an open-source feedback system developed by Code-Projects. Version 1.0 of the Code-Projects Feedback System has a injection vulnerability; this vulnerability stems from the handling of the parameter 'email' in the file 'admin/checklogin.php', which may lead to SQL...

PT-2026-38353

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPMart Team Member allows Blind SQL Injection. This issue affects Team Member: from n/a through 8.5...

PT-2026-38598

Name of the Vulnerable Software and Affected Versions JeecgBoot versions prior to 3.9.2 Description An issue exists in the JSON Object Handler component where the manipulation of the condition argument in the '/sys/dict/loadTreeData' endpoint allows for remote SQL injection. SQL injection is a...

Ghost CMS 6.19.0 - SQLi

Exploit Title: Ghost CMS 6.19.0 - SQLi Date: 2026-03-30 Exploit Author: Maksim Rogov Exploit Licence: GPL-3.0 Software Link: https://ghost.org/ Version: Ghost =3D 3.24.0, = 3.24.0, = 6.19.0 Tested on: Ghost 6.16.1 CVE : CVE-2026-26980 !/usr/bin/env python3 import requests import re import sys...

RHEL 9 : Satellite 6.18.5 Async Update (Important) (RHSA-2026:14835)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14835 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity t...

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the processFuzzySearch function. An attacker can access and extract the entire database contents by supplying crafted input to the column parameter in the HTTP API, which is directly interpolated into raw SQL statement...

Daptin fuzzy search injects unvalidated column name into raw SQL

Summary processFuzzySearch in server/resource/resourcefindallpaginated.go:1484 splits the user-supplied column parameter by comma and interpolates each segment directly into goqu.Lfmt.Sprintf"LOWER%s LIKE ?", prefix+col raw SQL with no column whitelist check. The entry point is GET /api/ with...

Flight vulnerable to SQL Injection via unvalidated identifiers in SimplePdo::insert / update / delete

Summary SimplePdo::insert, SimplePdo::update, and SimplePdo::delete build SQL statements by concatenating the $table argument and the keys of the $data array directly into the query, with no identifier quoting and no validation. When an application forwards user-controlled data shapes to these...

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the SimplePdo::insert, SimplePdo::update, and SimplePdo::delete functions. An attacker can execute arbitrary SQL commands by supplying crafted array keys or table names that are directly concatenated into SQL statement...

GHSA-XWQR-RCQG-22MR Flight vulnerable to SQL Injection via unvalidated identifiers in SimplePdo::insert / update / delete

Summary SimplePdo::insert, SimplePdo::update, and SimplePdo::delete build SQL statements by concatenating the $table argument and the keys of the $data array directly into the query, with no identifier quoting and no validation. When an application forwards user-controlled data shapes to these...