Lucene search
K

234727 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.3 views

CVE-2026-4470

A security flaw has been discovered in itsourcecode Online Frozen Foods Ordering System 1.0. Affected by this issue is some unknown functionality of the file /admin/admineditmenu.php. Performing a manipulation of the argument productname results in sql injection. It is possible to initiate the...

9.8CVSS5.7AI score0.00327EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.5 views

CVE-2026-4779

A security vulnerability has been detected in SourceCodester Sales and Inventory System 1.0. This issue affects some unknown processing of the file updatecustomerdetails.php of the component HTTP GET Parameter Handler. Such manipulation of the argument sid leads to sql injection. The attack can b...

6.5CVSS6.5AI score0.00361EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.3 views

CVE-2026-4614

A vulnerability was determined in itsourcecode sanitize or validate this input 1.0. This issue affects some unknown processing of the file /admin/subjects.php of the component Parameter Handler. This manipulation of the argument subjectcode causes sql injection. The attack is possible to be carri...

6.5CVSS6.3AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.5 views

CVE-2026-4173

A flaw has been found in CodePhiliaX Chat2DB up to 0.3.7. This vulnerability affects the function exportTable/exportTableColumnComment/exportView/exportProcedure/exportTriggers/exportTrigger/updateProcedure of the file DMDBManage.java of the component Database Export Handler. This manipulation...

6.5CVSS6.2AI score0.00242EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.2 views

CVE-2026-4568

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /updatesupplier.php of the component HTTP GET Request Handler. The manipulation of the argument sid results in sql injection. The attack may be launched remotely. The exploit h...

6.5CVSS6.4AI score0.0031EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.3 views

CVE-2026-4781

A flaw has been found in SourceCodester Sales and Inventory System 1.0. The affected element is an unknown function of the file updatepurchase.php of the component HTTP GET Parameter Handler. Executing a manipulation of the argument sid can lead to sql injection. The attack may be performed from...

6.5CVSS6.4AI score0.00295EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.3 views

CVE-2026-4570

A vulnerability was identified in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /viewcustomers.php of the component HTTP POST Request Handler. Such manipulation of the argument searchtxt leads to sql injection. The attack can be executed remotely. The...

6.5CVSS6.6AI score0.00295EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.3 views

CVE-2026-4471

A weakness has been identified in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /admin/admineditemployee.php. Executing a manipulation of the argument FirstName can lead to sql injection. It is possible to launch the attack remotely. The exploit ha...

9.8CVSS5.8AI score0.00386EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.3 views

CVE-2026-4569

A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This impacts an unknown function of the file /viewcategory.php of the component HTTP POST Request Handler. This manipulation of the argument searchtxt causes sql injection. Remote exploitation of the attack is...

6.5CVSS6.5AI score0.0025EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.3 views

CVE-2026-4572

A weakness has been identified in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /viewproduct.php of the component HTTP POST Request Handler. Executing a manipulation of the argument searchtxt can lead to sql injection. The attack m...

6.5CVSS6.5AI score0.00245EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.3 views

CVE-2026-4778

A weakness has been identified in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file updatecategory.php of the component HTTP GET Parameter Handler. This manipulation of the argument sid causes sql injection. Remote exploitation of the attack is...

6.5CVSS6.4AI score0.00303EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.9 views

CVE-2026-4473

A vulnerability was detected in itsourcecode Online Doctor Appointment System 1.0. This issue affects some unknown processing of the file /admin/appointmentaction.php. The manipulation of the argument appointmentid results in sql injection. The attack can be launched remotely. The exploit is now...

9.8CVSS5.8AI score0.00321EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:14 p.m.6 views

CVE-2026-4550

A vulnerability has been found in code-projects Simple Gym Management System up to 1.0. This affects an unknown part of the file /gym/func.php. Such manipulation of the argument Trainerid/fname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the publ...

5.8CVSS5.8AI score0.00263EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:14 p.m.4 views

CVE-2026-4189

A weakness has been identified in phpipam up to 1.7.4. The impacted element is an unknown function of the file app/admin/sections/edit-result.php of the component Section Handler. Executing a manipulation of the argument subnetOrdering can lead to sql injection. The attack may be launched remotel...

5.8CVSS5.6AI score0.00258EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:14 p.m.3 views

CVE-2026-26794

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a SQL injection vulnerability via the addgroup function. This vulnerability allows attackers to execute arbitrary SQL database operations via a crafted HTTP request...

8.8CVSS6.2AI score0.00453EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:13 p.m.5 views

CVE-2025-36368

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, and 6.2.1.0 through 6.2.1.11 are vulnerable to SQL injection. An administrative user could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or...

7.2CVSS5.9AI score0.00314EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:13 p.m.3 views

CVE-2025-49784

An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer-BigDa...

7.2CVSS6AI score0.00445EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:13 p.m.4 views

CVE-2026-25936

GLPI is a free Asset and IT management software package. Starting in version 11.0.0 and prior to version 11.0.6, an authenticated user can perfom a SQL injection. Version 11.0.6 fixes the issue...

8.8CVSS5.9AI score0.00339EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:12 p.m.3 views

CVE-2026-3981

A vulnerability was found in itsourcecode Online Doctor Appointment System 1.0. Affected is an unknown function of the file /admin/doctoraction.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been made publ...

9.8CVSS6.8AI score0.00379EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:12 p.m.3 views

CVE-2026-3079

The LearnDash LMS plugin for WordPress is vulnerable to blind time-based SQL Injection via the 'filtersorderbyorder' parameter in the 'learndashpropaneltemplate' AJAX action in all versions up to, and including, 5.0.3. This is due to insufficient escaping on the user supplied parameter and lack o...

6.5CVSS5.9AI score0.00272EPSS
Exploits0References1
Rows per page
Query Builder