2771 matches found
EUVD-2026-41274
The WP Review Slider Pro plugin for WordPress is vulnerable to SQL Injection via the 'notinstring' parameter of the wprploadmorerevs AJAX action in versions up to, and including, 12.7.2. The parameter is read via $POST'notinstring' and passed through sanitizetextfield — which strips HTML and...
[SECURITY] [DLA 4657-1] sogo security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4657-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb June 29, 2026 https://wiki.debian.org/LTS -...
CVE-2026-54370
acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat check and subsequent symlink-following operations such as stat, chown,...
CVE-2026-40523
FrontAccounting before 2.4.20 contains a SQL injection vulnerability in the Audit Trail report handler that allows authenticated attackers with SAGLANALYTIC permission to execute arbitrary SQL queries by injecting malicious code into the PARAM2 and PARAM3 POST parameters. Attackers can exploit...
CVE-2026-40523
FrontAccounting before 2.4.20 contains a SQL injection vulnerability in the Audit Trail report handler that allows authenticated attackers with SAGLANALYTIC permission to execute arbitrary SQL queries by injecting malicious code into the PARAM2 and PARAM3 POST parameters. Attackers can exploit...
PT-2026-53270
Name of the Vulnerable Software and Affected Versions FrontAccounting versions prior to 2.4.20 Description An issue exists in the Audit Trail report handler that allows authenticated attackers with SA GLANALYTIC permission to execute arbitrary SQL queries. This is achieved by injecting malicious...
WordPress Gravity Bookings plugin <= 2.7.1 - Authenticated (Subscriber+) Time-Based SQL Injection vulnerability
Authenticated Subscriber+ Time-Based SQL Injection vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Gravity Forms Bookings premium versions = 2.7.1...
CVE-2026-12079
The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ’orderby’ parameter in all versions up to, and including, 5.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2026-12077
The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the via 'latitude' and 'longitude' parameters in all versions up to, and including, 5.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...
CVE-2026-2508
CVE-2026-2508 affects the Gravity Forms Booking plugin for WordPress, all versions up to and including 2.7.1. The vulnerability is a time-based SQL Injection via the 'staff_id' parameter caused by insufficient escaping and lack of proper query preparation. Authenticated attackers with Subscriber-...
CVE-2026-2508 Gravity Forms Booking <= 2.7.1 - Authenticated (Subscriber+) Time-Based SQL Injection via 'staff_id'
The Gravity Forms Booking plugin for WordPress is vulnerable to time-based SQL Injection via the ‘staffid’ parameter in all versions up to, and including, 2.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
EUVD-2026-39167
The Gravity Forms Booking plugin for WordPress is vulnerable to time-based SQL Injection via the ‘staffid’ parameter in all versions up to, and including, 2.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2026-12077
CVE-2026-12077 : The Dokan Pro plugin for WordPress (up to version 5.0.4) is vulnerable to a time-based SQL Injection via the latitude and longitude parameters. The root cause is insufficient escaping of user-supplied input and lack of proper preparation in the existing SQL query, enabling unauth...
EUVD-2026-39165
The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ’orderby’ parameter in all versions up to, and including, 5.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
PT-2026-52192
Name of the Vulnerable Software and Affected Versions Dokan Pro versions prior to 5.0.5 Description The Dokan Pro plugin for WordPress contains a time-based SQL Injection flaw. This occurs because the software does not sufficiently escape user-supplied input or properly prepare the SQL query...
PT-2026-52191
Name of the Vulnerable Software and Affected Versions Dokan Pro versions prior to 5.0.5 Description The Dokan Pro plugin for WordPress contains a time-based SQL Injection flaw. This issue occurs because user-supplied parameters are not sufficiently escaped and the SQL query is not properly...
BerriAI LiteLLM Proxy Pre-Auth SQL Injection Scanner
This module detects BerriAI LiteLLM proxy servers affected by CVE-2026-42208, an unauthenticated SQL injection. During API-key verification the proxy interpolates the raw Authorization bearer value into a PostgreSQL query WHERE v.token = '' without parameterization. Because LiteLLM only hashes...
CVE-2026-7842
The Infility Global Infility Global WordPress plugin before 2.15.20 for WordPress does not sanitize or validate the orderby and order parameters in the importlist, urldetail, and filedetail admin page callbacks before using them in SQL queries, allowing authenticated attackers with Editor-level...
EUVD-2026-38416
The Infility Global Infility Global WordPress plugin before 2.15.20 for WordPress does not sanitize or validate the orderby and order parameters in the importlist, urldetail, and filedetail admin page callbacks before using them in SQL queries, allowing authenticated attackers with Editor-level...
CVE-2026-7842
The Infility Global Infility Global WordPress plugin before 2.15.20 for WordPress does not sanitize or validate the orderby and order parameters in the importlist, urldetail, and filedetail admin page callbacks before using them in SQL queries, allowing authenticated attackers with Editor-level...