216734 matches found
Softweb Clinic Pro SQL注入漏洞
Softweb Clinic Pro is a clinic management system developed by the British company Softweb. Softweb Clinic Pro has a SQL injection vulnerability; this vulnerability stems from the SQL injection in the month parameter, which could allow authenticated attackers to manipulate database queries and...
PT-2026-24998
🚨 CVE-2019-25538 202CMS v10 beta contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the log user parameter. Attackers can send crafted requests with malicious SQL statements in the log user field to extract...
Netartmedia Jobs Portal SQL注入漏洞
Netartmedia Jobs Portal is an online recruitment website system operated by the Bulgarian company Netartmedia. Version 6.1 of Netartmedia Jobs Portal has a SQL injection vulnerability. This vulnerability stems from SQL injection in email parameters, which could allow unverified attackers to...
PT-2026-24972
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can manipulate the kelime parameter with UNION-based SQL injection payloads to extract sensitive databa...
Nesote Inout EasyRooms SQL注入漏洞
Nesote Inout EasyRooms is a hotel management system developed by Nesote Corporation. Version 1.0 of Nesote Inout EasyRooms has a SQL injection vulnerability. This vulnerability stems from the property1 parameter, which allows for SQL injections, potentially enabling unverified attackers to...
GL-iNet GL-AR300M16 安全漏洞
GL-iNet GL-AR300M16 is a portable mini router produced by the Chinese company GL-iNet. The version GL-iNet GL-AR300M16 v4.3.11 contains a security vulnerability. This vulnerability stems from an SQL injection vulnerability in the addgroup function, which may allow for the execution of arbitrary S...
CVE-2026-26794
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a SQL injection vulnerability via the addgroup function. This vulnerability allows attackers to execute arbitrary SQL database operations via a crafted HTTP request...
PT-2026-25026
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a SQL injection vulnerability via the add group function. This vulnerability allows attackers to execute arbitrary SQL database operations via a crafted HTTP request...
PT-2026-24973
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send GET requests to datagetir.php with malicious 'q' values using time-based blind...
Jettweb PHP Hazir Haber Sitesi Scripti SQL注入漏洞
Jettweb PHP Preconfigured News Sites Script is a content management system developed by the Turkish company Jettweb. The Jettweb PHP Preconfigured News Sites Script V3 version has a SQL injection vulnerability. This vulnerability stems from the q parameter, which allows for SQL injections. It cou...
Jettweb PHP Hazir Haber Sitesi Scripti SQL注入漏洞
Jettweb PHP Ready-made News Sites Script is a content management system developed by the Turkish company Jettweb. The Jettweb PHP Ready-made News Sites Script V3 version has a SQL injection vulnerability. This vulnerability stems from the kelime parameter, which allows for SQL injections. It coul...
PT-2026-24991
Netartmedia Deals Portal contains an SQL injection vulnerability in the Email parameter of loginaction.php that allows unauthenticated attackers to manipulate database queries. Attackers can submit crafted SQL payloads through POST requests to extract sensitive information or bypass authenticatio...
Placeto CMS SQL注入漏洞
Placeto CMS is a content management system developed by Blaher. Version 4 of Placeto CMS has a SQL injection vulnerability. This vulnerability stems from the page parameters having SQL injection vulnerabilities, which may allow authenticated attackers to manipulate database queries...
Xooscripts XooDigital SQL注入漏洞
Xooscripts XooDigital is a software developed by the Xooscripts company. Xooscripts XooDigital has a SQL injection vulnerability; this vulnerability stems from the p parameter being susceptible to SQL injections, which may allow unauthenticated attackers to manipulate database queries and extract...
Netartmedia PHP Business Directory SQL注入漏洞
Netartmedia PHP Business Directory is a commercial directory website system developed by Netartmedia Company in Bulgaria. Version 4.2 of Netartmedia PHP Business Directory has a SQL injection vulnerability. This vulnerability stems from the Email parameters being subject to SQL injections, which...
SQL Injection
Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to SQL Injection via the query field name when using PostgreSQL. An attacker can execute arbitrary SQL commands by injecting...
EUVD-2026-11404
A vulnerability was detected in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This affects the function getAdmins of the file source-code/src/main/java/com/moke/wp/wxweimai/controller/admin/AdminAdminUserController.java. Performing a manipulation of the argument keywor...
EUVD-2026-11405
A flaw has been found in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This vulnerability affects the function getLikeMovieList of the file source-code/src/main/java/com/moke/wp/wxweimai/controller/HomeController.java of the component Endpoint. Executing a manipulation...
CVE-2026-3956
A vulnerability was detected in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This affects the function getAdmins of the file source-code/src/main/java/com/moke/wp/wxweimai/controller/admin/AdminAdminUserController.java. Performing a manipulation of the argument keywor...
CVE-2026-3957
A flaw has been found in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This vulnerability affects the function getLikeMovieList of the file source-code/src/main/java/com/moke/wp/wxweimai/controller/HomeController.java of the component Endpoint. Executing a manipulation...