CVE-2026-39815

Fortinet FortiDDoS-F versions 7.2.1–7.2.2 are described as vulnerable to an improper neutralization of special elements used in an SQL command (SQL injection). The issue could allow an attacker to execute unauthorized code or commands via an attack vector. The connected documents do not provide e...

CVE-2026-39815

A improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow attacker to execute unauthorized code or commands via sending crafted HTTP requests...

EUVD-2026-22256

Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/viewdetails.php...

EUVD-2026-22255

SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/rents/managerent.php...

EUVD-2026-22262

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/viewemployee.php...

sql-xss

No d...

CVE-2026-4352

The CVE-2026-4352 entry affects the WordPress JetEngine plugin (versions ≤ 3.8.6.1). The vulnerability is an unauthenticated SQL Injection in the CCT REST API search endpoint via the _cct_search parameter, which is interpolated into a SQL string using sprintf() without sanitization or $wpdb->p...

EUVD-2026-22154

Due to insufficient authorization checks in SAP Business Planning and Consolidation and SAP Business Warehouse, an authenticated user can execute crafted SQL statements to read, modify, and delete database data. This leads to a high impact on the confidentiality, integrity, and availability of th...

CVE-2026-27681

CVE-2026-27681 is an SQL injection vulnerability in SAP Business Planning and Consolidation and SAP Business Warehouse caused by insufficient authorization checks. An authenticated user can submit crafted SQL statements to read, modify, and delete data, affecting confidentiality, integrity, and a...

PT-2026-32835

Name of the Vulnerable Software and Affected Versions SQL Server affected versions not specified Description Improper neutralization of special elements used in an sql command SQL injection allows an authorized attacker to elevate privileges locally. SQL injection is a technique where an attacker...

jq 安全漏洞

jq is a lightweight and flexible command-line JSON processor developed by jqlang. There is a security vulnerability in jq, which stems from the use of the MurmurHash3 algorithm that relies on hard-coded public seeds. This vulnerability could allow attackers to exploit the system by providing...

PraisonAI 安全漏洞

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.133 contained security vulnerabilities, which were caused by SQL identifier injections in the SQLiteConversationStore. These vulnerabilities could lead to unauthorized data...

PT-2026-32653

An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4,...

SourceCodester Patient Appointment Scheduler System 安全漏洞

The SourceCodester Patient Appointment Scheduler System is an open-source system developed by SourceCodester. Version 1.0 of the SourceCodester Patient Appointment Scheduler System contains a security vulnerability. This vulnerability stems from an SQL injection issue in the file...

PT-2026-32632

CVE-2026-37591 Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/view details.php. https://t.co/zFz4555XYZ...

SourceCodester Patient Appointment Scheduler 安全漏洞

SourceCodester Patient Appointment Scheduler is an open-source patient appointment scheduling tool developed by SourceCodester. Version 1.0 of the SourceCodester Patient Appointment Scheduler contains a security vulnerability. This vulnerability stems from an SQL injection vulnerability in the fi...

SAP Business Planning and Consolidation和SAP Business Warehouse SQL注入漏洞

SAP Business Planning and Consolidation, as well as SAP Business Warehouse, are products of the German company SAP. SAP Business Planning and Consolidation is a business planning and integration software. This software provides features for budget preparation, forecasting, and financial...

CVE-2026-37595

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/manageemployee.php...

EUVD-2026-22004

Sourcecodester Online Thesis Archiving System v1.0 is vulnerale to SQL injection in the file /otas/viewarchive.php...

simple-ids

Simple IDS - Intrusion Detection System !License: MIThttp...