Lucene search
K

216734 matches found

CNNVD
CNNVD
added 2026/03/12 12:0 a.m.5 views

Softweb Clinic Pro SQL注入漏洞

Softweb Clinic Pro is a clinic management system developed by the British company Softweb. Softweb Clinic Pro has a SQL injection vulnerability; this vulnerability stems from the SQL injection in the month parameter, which could allow authenticated attackers to manipulate database queries and...

7.1CVSS5.9AI score0.00323EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.4 views

PT-2026-24998

🚨 CVE-2019-25538 202CMS v10 beta contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the log user parameter. Attackers can send crafted requests with malicious SQL statements in the log user field to extract...

8.8CVSS6AI score0.00365EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.5 views

Netartmedia Jobs Portal SQL注入漏洞

Netartmedia Jobs Portal is an online recruitment website system operated by the Bulgarian company Netartmedia. Version 6.1 of Netartmedia Jobs Portal has a SQL injection vulnerability. This vulnerability stems from SQL injection in email parameters, which could allow unverified attackers to...

8.8CVSS5.8AI score0.00318EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.5 views

PT-2026-24972

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can manipulate the kelime parameter with UNION-based SQL injection payloads to extract sensitive databa...

8.8CVSS5.9AI score0.00331EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.5 views

Nesote Inout EasyRooms SQL注入漏洞

Nesote Inout EasyRooms is a hotel management system developed by Nesote Corporation. Version 1.0 of Nesote Inout EasyRooms has a SQL injection vulnerability. This vulnerability stems from the property1 parameter, which allows for SQL injections, potentially enabling unverified attackers to...

9.1CVSS5.8AI score0.00401EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.5 views

GL-iNet GL-AR300M16 安全漏洞

GL-iNet GL-AR300M16 is a portable mini router produced by the Chinese company GL-iNet. The version GL-iNet GL-AR300M16 v4.3.11 contains a security vulnerability. This vulnerability stems from an SQL injection vulnerability in the addgroup function, which may allow for the execution of arbitrary S...

8.8CVSS6.1AI score0.00453EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/12 12:0 a.m.2 views

CVE-2026-26794

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a SQL injection vulnerability via the addgroup function. This vulnerability allows attackers to execute arbitrary SQL database operations via a crafted HTTP request...

6AI score0.00453EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.5 views

PT-2026-25026

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a SQL injection vulnerability via the add group function. This vulnerability allows attackers to execute arbitrary SQL database operations via a crafted HTTP request...

6AI score0.00453EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.5 views

PT-2026-24973

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send GET requests to datagetir.php with malicious 'q' values using time-based blind...

8.8CVSS5.9AI score0.00564EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.6 views

Jettweb PHP Hazir Haber Sitesi Scripti SQL注入漏洞

Jettweb PHP Preconfigured News Sites Script is a content management system developed by the Turkish company Jettweb. The Jettweb PHP Preconfigured News Sites Script V3 version has a SQL injection vulnerability. This vulnerability stems from the q parameter, which allows for SQL injections. It cou...

9.8CVSS5.9AI score0.00564EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.5 views

Jettweb PHP Hazir Haber Sitesi Scripti SQL注入漏洞

Jettweb PHP Ready-made News Sites Script is a content management system developed by the Turkish company Jettweb. The Jettweb PHP Ready-made News Sites Script V3 version has a SQL injection vulnerability. This vulnerability stems from the kelime parameter, which allows for SQL injections. It coul...

8.8CVSS5.9AI score0.00331EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.9 views

PT-2026-24991

Netartmedia Deals Portal contains an SQL injection vulnerability in the Email parameter of loginaction.php that allows unauthenticated attackers to manipulate database queries. Attackers can submit crafted SQL payloads through POST requests to extract sensitive information or bypass authenticatio...

8.8CVSS5.9AI score0.00304EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.9 views

Placeto CMS SQL注入漏洞

Placeto CMS is a content management system developed by Blaher. Version 4 of Placeto CMS has a SQL injection vulnerability. This vulnerability stems from the page parameters having SQL injection vulnerabilities, which may allow authenticated attackers to manipulate database queries...

7.1CVSS5.8AI score0.00284EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.6 views

Xooscripts XooDigital SQL注入漏洞

Xooscripts XooDigital is a software developed by the Xooscripts company. Xooscripts XooDigital has a SQL injection vulnerability; this vulnerability stems from the p parameter being susceptible to SQL injections, which may allow unauthenticated attackers to manipulate database queries and extract...

8.8CVSS5.8AI score0.00306EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.5 views

Netartmedia PHP Business Directory SQL注入漏洞

Netartmedia PHP Business Directory is a commercial directory website system developed by Netartmedia Company in Bulgaria. Version 4.2 of Netartmedia PHP Business Directory has a SQL injection vulnerability. This vulnerability stems from the Email parameters being subject to SQL injections, which...

8.8CVSS5.8AI score0.00304EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/11 10:40 p.m.3 views

SQL Injection

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to SQL Injection via the query field name when using PostgreSQL. An attacker can execute arbitrary SQL commands by injecting...

7.5CVSS6.2AI score0.00201EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/11 9:31 p.m.3 views

EUVD-2026-11404

A vulnerability was detected in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This affects the function getAdmins of the file source-code/src/main/java/com/moke/wp/wxweimai/controller/admin/AdminAdminUserController.java. Performing a manipulation of the argument keywor...

5.8CVSS5.7AI score0.00202EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/11 9:31 p.m.5 views

EUVD-2026-11405

A flaw has been found in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This vulnerability affects the function getLikeMovieList of the file source-code/src/main/java/com/moke/wp/wxweimai/controller/HomeController.java of the component Endpoint. Executing a manipulation...

5.8CVSS5.7AI score0.0021EPSS
Exploits0References7
NVD
NVD
added 2026/03/11 9:16 p.m.3 views

CVE-2026-3956

A vulnerability was detected in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This affects the function getAdmins of the file source-code/src/main/java/com/moke/wp/wxweimai/controller/admin/AdminAdminUserController.java. Performing a manipulation of the argument keywor...

5.8CVSS0.00202EPSS
Exploits0References5
NVD
NVD
added 2026/03/11 9:16 p.m.12 views

CVE-2026-3957

A flaw has been found in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This vulnerability affects the function getLikeMovieList of the file source-code/src/main/java/com/moke/wp/wxweimai/controller/HomeController.java of the component Endpoint. Executing a manipulation...

5.8CVSS0.0021EPSS
Exploits0References6
Rows per page
Query Builder