216674 matches found
CVE-2026-4324
The vulnerability CVE-2026-4324 affects the Katello plugin for Red Hat Satellite. It arises from improper sanitization in the sort_by parameter of the /api/hosts/bootc_images endpoint, enabling remote SQL injection that can cause Denial of Service via database errors and potentially extract data ...
CVE-2026-4324
A flaw was found in the Katello plugin for Red Hat Satellite. This vulnerability, caused by improper sanitization of user-provided input, allows a remote attacker to inject arbitrary SQL commands into the sortby parameter of the /api/hosts/bootcimages API endpoint. This can lead to a Denial of...
CVE-2025-31966 Boolean-Based SQL Injection in Multiple Unica Components
HCL Sametime is vulnerable to broken server-side validation. While the application performs client-side input checks, these are not enforced by the web server. An attacker can bypass these restrictions by sending manipulated HTTP requests directly to the server...
CVE-2025-31966 Boolean-Based SQL Injection in Multiple Unica Components
HCL Sametime is vulnerable to broken server-side validation. While the application performs client-side input checks, these are not enforced by the web server. An attacker can bypass these restrictions by sending manipulated HTTP requests directly to the server...
CVE-2025-31966
CVE-2025-31966 : HCL Sametime is vulnerable due to broken server-side validation that fails to enforce client-side input checks. An attacker can bypass restrictions by sending manipulated HTTP requests directly to the server. The documented CVSS 3.1 metrics indicate a LOW base score (2.7), with n...
Assignment
Assignment Sql injection on a...
EUVD-2026-12532
The WowStore – Store Builder & Product Blocks for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the ‘search’ parameter in all versions up to, and including, 4.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing S...
CVE-2026-2579 WowStore – Store Builder & Product Blocks for WooCommerce <= 4.4.3 - Unauthenticated SQL Injection via 'search' Parameter
The WowStore – Store Builder & Product Blocks for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the ‘search’ parameter in all versions up to, and including, 4.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing S...
CVE-2026-2579
The WowStore – Store Builder & Product Blocks for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the ‘search’ parameter in all versions up to, and including, 4.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing S...
EUVD-2026-12531
A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This affects an unknown function of the file /rest/preSetTemplate/getRecByTemplateId. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The explo...
EUVD-2026-12530
A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be...
EUVD-2026-12529
A security flaw has been discovered in Tiandy Easy7 Integrated Management Platform 7.17.0. The affected element is an unknown function of the file /rest/devStatus/queryResources of the component Endpoint. Performing a manipulation of the argument areaId results in sql injection. The attack can be...
CVE-2026-4288
A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be...
CVE-2026-4289
A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This affects an unknown function of the file /rest/preSetTemplate/getRecByTemplateId. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The explo...
CVE-2026-4289
A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This affects an unknown function of the file /rest/preSetTemplate/getRecByTemplateId. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The explo...
CVE-2026-4289 Tiandy Easy7 Integrated Management Platform getRecByTemplateId sql injection
A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This affects an unknown function of the file /rest/preSetTemplate/getRecByTemplateId. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The explo...
CVE-2026-4288
CVE-2026-4288 affects Tiandy Easy7 Integrated Management Platform 7.17.0. The vulnerability is an SQL injection in an unknown function of the Endpoint component, triggered by manipulating the argument ID in /rest/devStatus/getDevDetailedInfo. Access is remote and exploitation is publicly availabl...
CVE-2026-4288
A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be...
CVE-2026-4288 Tiandy Easy7 Integrated Management Platform Endpoint getDevDetailedInfo sql injection
A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be...
Red Hat Satellite SQL注入漏洞
Red Hat Satellite is a system management platform developed by Red Hat Inc. This platform can be used to expand Linux infrastructure and provides system management functions such as administration, configuration, and monitoring. Red Hat Satellite 6 has a SQL injection vulnerability, which stems...