WordPress plugin Simply Poll SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

LimeSurvey SQL注入漏洞

LimeSurvey PHPSurveyor is a set of open-source online survey programs developed by the LimeSurvey team. It supports survey program development, survey questionnaire publishing, and data collection functions. LimeSurvey has a SQL injection vulnerability. This vulnerability arises from the...

WordPress plugin Wow Viral Signups SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

WordPress plugin PICA Photo Gallery SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

WordPress plugin Product Catalog SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Version...

Apptha Slider Gallery SQL注入漏洞

Apptha Slider Gallery is a website image carousel and gallery display plugin provided by Apptha Corporation. Version 1.0 of Apptha Slider Gallery has a SQL injection vulnerability. This vulnerability stems from insufficient cleaning of the albid parameter, which may allow unauthenticated attacker...

GHSA-H9FJ-C2QR-76G2 FUXA has SQL Injection in its TDengine DAQ connector via backslash bypass of escapeTdString

Summary The TDengine DAQ storage connector's escapeTdString at server/runtime/storage/tdengine/index.js:10 doubles single quotes but does not escape backslashes. TDengine's SQL parser treats ' as a literal single quote inside a string, so a tag id of the form x' OR 1=1-- escapes the first single...

CVE-2026-11585

A vulnerability was determined in CodeAstro Student Attendance Management System 1.0. Affected is an unknown function of the file /attendance-php/Admin/createClassArms.php. This manipulation of the argument classId causes sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2026-11584

A vulnerability was found in CodeAstro Student Attendance Management System 1.0. This impacts an unknown function of the file /attendance-php/Admin/createClass.php?action=edit. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit...

CVE-2026-11582

A flaw has been found in CodeAstro Student Attendance Management System 1.0. The impacted element is an unknown function of the file /attendance-php/index.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has bee...

CVE-2026-11583

A vulnerability has been found in CodeAstro Student Attendance Management System 1.0. This affects an unknown function of the file /attendance-php/Admin/createClass.php. The manipulation of the argument className leads to sql injection. It is possible to initiate the attack remotely. The exploit...

CVE-2026-11585

CVE-2026-11585 involves CodeAstro Student Attendance Management System 1.0. The vulnerability is in an unknown function of the file /attendance-php/Admin/createClassArms.php , where manipulating the argument classId triggers an SQL injection. The issue can be exploited remotely, and the exploit h...

CVE-2026-11585

A vulnerability was determined in CodeAstro Student Attendance Management System 1.0. Affected is an unknown function of the file /attendance-php/Admin/createClassArms.php. This manipulation of the argument classId causes sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2026-11585 CodeAstro Student Attendance Management System createClassArms.php sql injection

A vulnerability was determined in CodeAstro Student Attendance Management System 1.0. Affected is an unknown function of the file /attendance-php/Admin/createClassArms.php. This manipulation of the argument classId causes sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2026-11584

A vulnerability was found in CodeAstro Student Attendance Management System 1.0. This impacts an unknown function of the file /attendance-php/Admin/createClass.php?action=edit. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit...

CVE-2026-11584 CodeAstro Student Attendance Management System createClass.php edit sql injection

A vulnerability was found in CodeAstro Student Attendance Management System 1.0. This impacts an unknown function of the file /attendance-php/Admin/createClass.php?action=edit. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit...

CVE-2026-11559

A vulnerability was detected in CodeAstro Payroll System 1.0. This affects an unknown function of the file /viewaccount.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...

CVE-2026-11558

A security vulnerability has been detected in CodeAstro Payroll System 1.0. The impacted element is an unknown function of the file /homesalary.php. The manipulation of the argument rate/salaryrate leads to sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2026-11583

The CVE-2026-11583 entry concerns CodeAstro Student Attendance Management System 1.0. Affected component: /attendance-php/Admin/createClass.php; the vulnerability arises from manipulating the argument className, resulting in SQL injection. The issue is exploitable remotely, and the exploit has be...

EUVD-2026-35195

A vulnerability has been found in CodeAstro Student Attendance Management System 1.0. This affects an unknown function of the file /attendance-php/Admin/createClass.php. The manipulation of the argument className leads to sql injection. It is possible to initiate the attack remotely. The exploit...