Security Bulletin:IBM Storage Protect Server is affected by a vulnerability that could allow authenticated users to access administrative metadata through the JSON-RPC endpoint (CVE-2025-13855).

Summary IBM Storage Protect Server provides a JSON-RPC endpoint through which authenticated users can execute backend SQL SELECT queries and access data from internal database tables, potentially exposing administrative metadata. Vulnerability Details CVEID:CVE-2025-13855 DESCRIPTION: IBM Storage...

CVE-2026-5328

A weakness has been identified in shsuishang modulithshop up to 829bac71f507e84684c782b9b062b8bf3b5585d6. The impacted element is the function listItem of the file src/main/java/com/suisung/shopsuite/pt/service/impl/ProductIndexServiceImpl.java of the component ProductItemDao Interface. Executing...

CVE-2026-35168

OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to version 2.10.2, the Aggiornamenti Updates module in OpenSTAManager contains a database conflict resolution feature op=risolvi-conflitti-database that accepts a JSON array of SQL statements via PO...

GHSA-P32Q-V29X-WQ9R Focalboard doesn't sanitize category IDs before incorporating them into dynamic SQL statements

UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to sanitize category IDs before incorporating them into dynamic SQL statements when reordering categories. An attacker can inject a malicious SQL payload into the category id field, which is stored in the database and later executed unsanitiz...

JLSEC-2026-37

A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pgamcheck commands activated relevant protections too late or no...

JLSEC-2026-47

Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invok...

JLSEC-2026-27

A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest...

JLSEC-2026-29

When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption...

JLSEC-2026-52

Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting...

JLSEC-2026-24

It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the searchpath during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the...

CVE-2026-5322

A vulnerability has been found in AlejandroArciniegas mcp-data-vis bc597e391f184d2187062fd567599a3cb72adf51/de5a51525a69822290eaee569a1ab447b490746d. This affects the function Request of the file src/servers/database/server.js of the component MCP Handler. The manipulation leads to sql injection...

CVE-2026-33614

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getinfo endpoint due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

Exploit for SQL Injection in Dolibarr

Nostradamus SQL injection exploitation tool with predictive...

GHSA-2FR7-CC4F-WH98 OpenSTAManager: SQL Injection via Aggiornamenti Module

Description The Aggiornamenti Updates module in OpenSTAManager query'SET FOREIGNKEYCHECKS=0'; // Line 69: FK checks DISABLED $errors = ; $executed = 0; foreach $queries as $query try $dbo-query$query; // Line 76: DIRECT EXECUTION ++$executed; catch Exception $e $errors = $query.' - '.$e-getMessag...

OpenSTAManager: SQL Injection via Aggiornamenti Module

Description The Aggiornamenti Updates module in OpenSTAManager query'SET FOREIGNKEYCHECKS=0'; // Line 69: FK checks DISABLED $errors = ; $executed = 0; foreach $queries as $query try $dbo-query$query; // Line 76: DIRECT EXECUTION ++$executed; catch Exception $e $errors = $query.' - '.$e-getMessag...

PT-2026-30286

Name of the Vulnerable Software and Affected Versions OpenSTAManager versions prior to 2.10.2 Description OpenSTAManager contains an SQL Injection vulnerability in the confronta righe.php files across different modules. The righe parameter, received via the $ GET'righe' request, is directly...

PT-2026-30248

Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, a SQL Injection vulnerability was discovered in Piwigo affecting the Activity List API endpoint. This vulnerability allows an authenticated administrator to extract sensitive data from the database, including...

Piwigo 安全漏洞

Piwigo is a web-based open-source image library software developed by Piwigo contributors. This software includes functions such as image management, image classification, and permission management. Versions of Piwigo prior to 16.3.0 contained security vulnerabilities. These vulnerabilities stemm...

Piwigo SQL注入漏洞

Piwigo is a web-based open-source image library software developed by Piwigo contributors. This software includes functions such as image management, image classification, and permission management. Versions of Piwigo prior to 16.3.0 had a SQL injection vulnerability. This vulnerability stemmed...

PT-2026-30256

Emlog is an open source website building system. Prior to version 2.6.8, the backend upgrade interface accepts remote SQL and ZIP URLs via GET parameters. The server first downloads and executes the SQL file, then downloads the ZIP file and extracts it directly into the web root directory. This...