233020 matches found
CVE-2026-40822
A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DevSerialReset function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40819
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the syncdata24 task due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40821
A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAccountByID function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
web-vulnerabilities-labs
Web Vulnerabilities Labs Notes techniques issues de labs web...
PHANTOM_old
PHANTOM Autonomous Penetration Testing Framework Recon -...
PHANTOM
PHANTOM Autonomous Penetration Testing Framework Recon -...
EUVD-2026-32149
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAccountData function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40850 Unauthenticated SQLi in getAccountData function
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAccountData function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40849 Authenticated SQLi in user_alarmprofile view
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the useralarmprofile view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40848 Authenticated SQLi in tag view
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40848 Authenticated SQLi in tag view
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40847 Authenticated SQLi in system_tag view
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the systemtag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40846
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40846 Authenticated SQLi in system view
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40845
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the devicesconfiguration view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40844 Authenticated SQLi in dashboard view
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dashboard view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40844 Authenticated SQLi in dashboard view
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dashboard view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40844
The CVE describes an unauthenticated SQL Injection in a dashboard view, exploitable by a low-privileged remote attacker via a malicious SQL SELECT without proper input neutralization. Root cause: improper neutralization of special elements in a SQL SELECT command. Impact: total loss of confidenti...
CVE-2026-40842 Authenticated SQLi in getWidgetTags function
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getWidgetTags function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40842
The CVE-2026-40842 entry describes an unauthenticated SQL Injection in the getWidgetTags function, exploitable by a low-privilege remote attacker. The vulnerability arises from improper neutralization of certain elements in a SQL SELECT command, leading to a total loss of confidentiality. Related...