6739 matches found
CVE-2026-13550
A weakness has been identified in itsourcecode Baptism Information Management System 1.0. The impacted element is an unknown function of the file /delbaptism.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been mad...
EUVD-2026-40042
A security vulnerability has been detected in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /doctorprofile.php. The manipulation of the argument doctorname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2026-13535
A flaw has been found in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function GetFileInfo of the file hrsystem/application/models/Employeemodel.php of the component View Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack...
EUVD-2026-40028
A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /department.php. The manipulation of the argument editid results in sql injection. The attack may be performed from remote. The exploit has been released to the public a...
EUVD-2026-40022
A vulnerability was detected in CodeAstro Human Resource Management System 1.0. This issue affects the function emselectByCode of the file application/models/Employeemodel.php of the component UpdateEarnLeave Endpoint. The manipulation of the argument emid results in sql injection. The attack can...
PT-2026-53200
Name of the Vulnerable Software and Affected Versions itsourcecode Hospital Management System version 1.0 Description An issue exists in the Appointment Handler component within the /appointmentdetail.php endpoint. Remote manipulation of the editid argument allows for SQL injection, a technique...
EUVD-2026-39993
A vulnerability has been found in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /adminprofile.php. The manipulation of the argument loginid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the publ...
CVE-2026-56068
Unauthenticated SQL Injection in JetEngine = 3.8.10.2 versions...
EUVD-2026-39671
Sales Representative SQL Injection in Groundhogg = 4.5 versions...
CVE-2026-57653 WordPress WP Job Portal plugin <= 2.5.2 - SQL Injection vulnerability
Contributor SQL Injection in WP Job Portal = 2.5.2 versions...
EUVD-2026-39759
Contributor SQL Injection in Restaurant Menu by MotoPress = 2.4.10 versions...
EUVD-2026-39723
Unauthenticated SQL Injection in Advance Product Search = 1.4.4 versions...
EUVD-2026-39716
Unauthenticated SQL Injection in Quotes llama = 3.1.5 versions...
WordPress Groundhogg plugin <= 4.5 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Baikuya in WordPress Plugin Groundhogg versions = 4.5...
CVE-2026-10835
The CVE-2026-10835 entry concerns the SALESmanago & Leadoo WordPress plugin, affected versions before 3.11.3. The vulnerability arises from improper sanitisation/escaping of a parameter in an AJAX action before it is used in a SQL statement, coupled with missing authorization enforcement for that...
PT-2026-52750
Name of the Vulnerable Software and Affected Versions Library Management System versions prior to 3.5.8 Description An unauthenticated SQL Injection exists in the system, allowing an attacker to execute arbitrary SQL commands without providing credentials. Recommendations Update to a version newe...
Tenable Nessus < 10.12.1 Multiple Vulnerabilities (TNS-2026-17)
According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 10.12.1. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2026-17 advisory. - A SQL injection vulnerability in Nessus allows a remote, unauthenticated...
EUVD-2026-39409
A SQL injection vulnerability in Nessus allows an attacker to craft a malicious scan result file that, when imported by a privileged user, injects malicious SQL into the scan results database, potentially enabling exfiltration of scan-result data...
EUVD-2026-39373
Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce = 1.1.11 versions...
EUVD-2026-39370
Unauthenticated SQL Injection in MDTF = 1.3.7 versions...