Lucene search
K

216674 matches found

CVE
CVE
added 2026/03/17 1:52 p.m.22 views

CVE-2026-4324

The vulnerability CVE-2026-4324 affects the Katello plugin for Red Hat Satellite. It arises from improper sanitization in the sort_by parameter of the /api/hosts/bootc_images endpoint, enabling remote SQL injection that can cause Denial of Service via database errors and potentially extract data ...

5.4CVSS6AI score0.00262EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/17 1:52 p.m.5 views

CVE-2026-4324

A flaw was found in the Katello plugin for Red Hat Satellite. This vulnerability, caused by improper sanitization of user-provided input, allows a remote attacker to inject arbitrary SQL commands into the sortby parameter of the /api/hosts/bootcimages API endpoint. This can lead to a Denial of...

5.4CVSS5.9AI score0.00262EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/17 11:29 a.m.31 views

CVE-2025-31966 Boolean-Based SQL Injection in Multiple Unica Components

HCL Sametime is vulnerable to broken server-side validation. While the application performs client-side input checks, these are not enforced by the web server. An attacker can bypass these restrictions by sending manipulated HTTP requests directly to the server...

2.7CVSS0.00194EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/17 11:29 a.m.1 views

CVE-2025-31966 Boolean-Based SQL Injection in Multiple Unica Components

HCL Sametime is vulnerable to broken server-side validation. While the application performs client-side input checks, these are not enforced by the web server. An attacker can bypass these restrictions by sending manipulated HTTP requests directly to the server...

2.7CVSS5.9AI score0.00194EPSS
Exploits0References1
CVE
CVE
added 2026/03/17 11:29 a.m.13 views

CVE-2025-31966

CVE-2025-31966 : HCL Sametime is vulnerable due to broken server-side validation that fails to enforce client-side input checks. An attacker can bypass restrictions by sending manipulated HTTP requests directly to the server. The documented CVSS 3.1 metrics indicate a LOW base score (2.7), with n...

2.7CVSS5.9AI score0.00194EPSS
Exploits0References1Affected Software1
GithubExploit
GithubExploit
added 2026/03/17 9:25 a.m.115 views

Assignment

Assignment Sql injection on a...

5.8AI score
Exploits0
EUVD
EUVD
added 2026/03/17 1:24 a.m.7 views

EUVD-2026-12532

The WowStore – Store Builder & Product Blocks for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the ‘search’ parameter in all versions up to, and including, 4.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing S...

7.5CVSS5.9AI score0.00304EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/17 1:24 a.m.3 views

CVE-2026-2579 WowStore – Store Builder & Product Blocks for WooCommerce <= 4.4.3 - Unauthenticated SQL Injection via 'search' Parameter

The WowStore – Store Builder & Product Blocks for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the ‘search’ parameter in all versions up to, and including, 4.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing S...

7.5CVSS5.9AI score0.00304EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/17 1:24 a.m.3 views

CVE-2026-2579

The WowStore – Store Builder & Product Blocks for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the ‘search’ parameter in all versions up to, and including, 4.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing S...

7.5CVSS5.9AI score0.00304EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/17 12:31 a.m.3 views

EUVD-2026-12531

A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This affects an unknown function of the file /rest/preSetTemplate/getRecByTemplateId. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The explo...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/17 12:31 a.m.8 views

EUVD-2026-12530

A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/17 12:31 a.m.3 views

EUVD-2026-12529

A security flaw has been discovered in Tiandy Easy7 Integrated Management Platform 7.17.0. The affected element is an unknown function of the file /rest/devStatus/queryResources of the component Endpoint. Performing a manipulation of the argument areaId results in sql injection. The attack can be...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References5
NVD
NVD
added 2026/03/17 12:16 a.m.3 views

CVE-2026-4288

A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be...

7.5CVSS0.00254EPSS
Exploits0References4
NVD
NVD
added 2026/03/17 12:16 a.m.3 views

CVE-2026-4289

A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This affects an unknown function of the file /rest/preSetTemplate/getRecByTemplateId. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The explo...

7.5CVSS0.00254EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/17 12:3 a.m.3 views

CVE-2026-4289

A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This affects an unknown function of the file /rest/preSetTemplate/getRecByTemplateId. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The explo...

7.5CVSS5.6AI score0.00254EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/17 12:3 a.m.2 views

CVE-2026-4289 Tiandy Easy7 Integrated Management Platform getRecByTemplateId sql injection

A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This affects an unknown function of the file /rest/preSetTemplate/getRecByTemplateId. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The explo...

7.5CVSS5.6AI score0.00254EPSS
Exploits0References4
CVE
CVE
added 2026/03/17 12:2 a.m.14 views

CVE-2026-4288

CVE-2026-4288 affects Tiandy Easy7 Integrated Management Platform 7.17.0. The vulnerability is an SQL injection in an unknown function of the Endpoint component, triggered by manipulating the argument ID in /rest/devStatus/getDevDetailedInfo. Access is remote and exploitation is publicly availabl...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/17 12:2 a.m.2 views

CVE-2026-4288

A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be...

7.5CVSS5.8AI score0.00254EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/17 12:2 a.m.4 views

CVE-2026-4288 Tiandy Easy7 Integrated Management Platform Endpoint getDevDetailedInfo sql injection

A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be...

7.5CVSS5.8AI score0.00254EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/17 12:0 a.m.4 views

Red Hat Satellite SQL注入漏洞

Red Hat Satellite is a system management platform developed by Red Hat Inc. This platform can be used to expand Linux infrastructure and provides system management functions such as administration, configuration, and monitoring. Red Hat Satellite 6 has a SQL injection vulnerability, which stems...

5.4CVSS7.3AI score0.00262EPSS
Exploits0References3
Rows per page
Query Builder