PT-2026-33335

Name of the Vulnerable Software and Affected Versions SourceCodester Vehicle Parking Area Management System version 1.0 Description An issue exists in the file '/parking/manage park.php' that allows for SQL Injection, a technique where malicious SQL statements are inserted into entry fields for...

PT-2026-33352

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the orderDirection parameter used in dataset-related endpoints including /de2api/datasetData/enumValueDs and /de2api/datasetTree/exportDataset. The Order2SQLOb...

PT-2026-33319

Name of the Vulnerable Software and Affected Versions ManageEngine PAM360 versions prior to 8531 ManageEngine Password Manager Pro versions 8600 through 13230 Description An authenticated SQL injection exists in the query report module. SQL injection is a type of flaw that allows an attacker to...

CVE-2026-37347

SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/viewemployee.php...

PT-2026-33363

Name of the Vulnerable Software and Affected Versions DataEase versions prior to 2.10.21 Description An issue exists in the '/de2api/datasetData/previewSql' endpoint where user-supplied SQL is wrapped in a subquery without validation to ensure the input is a single SELECT statement. By utilizing ...

SourceCodester Simple Music Cloud Community System 安全漏洞

SourceCodester Simple Music Cloud Community System is an open-source simple music cloud community system developed by SourceCodester. Version 1.0 of the SourceCodester Simple Music Cloud Community System contains a security vulnerability, which stems from the file /music/viewgenre.php being...

CVE-2026-37344

SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/managelocation.php...

CVE-2026-37346

SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/viewaccount.php?empid=...

CVE-2026-37339

SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/viewgenre.php...

PT-2026-33333

Name of the Vulnerable Software and Affected Versions SourceCodester Vehicle Parking Area Management System version 1.0 Description An issue exists in the file '/parking/manage user.php' that allows for SQL Injection, a technique where malicious SQL statements are inserted into entry fields for...

PT-2026-33266

Name of the Vulnerable Software and Affected Versions Riaxe Product Customizer versions prior to 2.1.3 Description An issue exists in the Riaxe Product Customizer plugin for WordPress where unauthenticated attackers can append additional SQL queries to existing ones to extract sensitive informati...

CVE-2026-37342

SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/viewparkeddetails.php...

SourceCodester Simple Music Cloud Community System 安全漏洞

SourceCodester Simple Music Cloud Community System is an open-source simple music cloud community system developed by SourceCodester. Version 1.0 of the SourceCodester Simple Music Cloud Community System contains a security vulnerability, which stems from the file /music/viewplaylist.php being...

SourceCodester Vehicle Parking Area Management System 安全漏洞

The SourceCodester Vehicle Parking Area Management System is an open-source parking management system developed by SourceCodester. Version 1.0 of the SourceCodester Vehicle Parking Area Management System contains a security vulnerability, which stems from the file /parking/managepark.php being...

CVE-2026-37337

SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/viewplaylist.php...

CVE-2026-37340

SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/editmusic.php...

CVE-2026-37337

SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/viewplaylist.php...

PT-2026-33358

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the API datasource update process. When a new table definition is added during a datasource update via /de2api/datasource/update, the deTableName field from th...

PT-2026-33351

DataEase is an open source data visualization analysis tool. Versions 2.10.20 and below contain a SQL injection vulnerability in the dataset export functionality. The expressionTree parameter in POST /de2api/datasetTree/exportDataset is deserialized into a filtering object and passed to...

ZOHO ManageEngine Password Manager Pro和ZOHO ManageEngine PAM360 安全漏洞

ZOHO ManageEngine Password Manager Pro and ZOHO ManageEngine PAM360 are both products of ZOHO Corporation in the United States. ZOHO ManageEngine Password Manager Pro is a password manager. ZOHO ManageEngine PAM360 is a complete PAM software solution. It provides full privilege access security fo...