GHSA-9P7X-8C57-4PQV Liferay Portal exposes ERC which can lead to exploit the time response attack

Enumeration of ERC from object entry in Liferay Portal 7.4.0 through 7.4.3.128, and Liferay DXP 2024.Q3.0 through 2024.Q3.1, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12, 2023.Q4.0 and 7.4 GA through update 92 allow attackers to determine existent ERC in the application by exploit t...

WordPress plugin UsersWP SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

PT-2025-34965

Name of the Vulnerable Software and Affected Versions: Simple Download Monitor plugin for WordPress versions through 3.9.33 Description: The Simple Download Monitor plugin for WordPress is susceptible to time-based SQL Injection via the order parameter. Insufficient escaping of user-supplied inpu...

📄 PiHome MaxAir Smart Thermostat SQL Injection

A security vulnerability has been identified in the PiHome MaxAir Smart Thermostat system that permits an authenticated attacker to execute arbitrary SQL statements against the backend database. Description: A security vulnerability has been identified in the PiHome MaxAir Smart Thermostat system...

CVE-2025-51672

Summary: CVE-2025-51672 affects PHPGurukul Dairy Farm Shop Management System 1.3, in the file manage-companies.php . The vulnerability is a time-based blind SQL injection that allows remote attackers to execute arbitrary SQL via the companyname parameter in a POST request. The weakness originates...

CVE-2023-33481

RemoteClinic 2.0 is vulnerable to a time-based blind SQL injection attack in the 'start' GET parameter of patients/index.php...

CVE-2021-23837

An issue was discovered in flatCore before 2.0.0 build 139. A time-based blind SQL injection was identified in the selectedfolder HTTP request body parameter for the acp interface. The affected parameter which retrieves the file contents of the specified folder was found to be accepting malicious...

CVE-2021-24398

The Add new scene functionality in the Responsive 3D Slider WordPress plugin through 1.2 uses an id parameter which is not sanitised, escaped or validated before being inserted to a SQL statement, leading to SQL injection. This is a time based SQLI and in the same function vulnerable parameter is...

CVE-2025-3107

The Newsletters plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby' parameter in all versions up to, and including, 4.9.9.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

CVE-2024-54446 Blind SQLi in Document History

Document history functionality contains a blind SQL injection that can be exploited by authenticated attackers. Using a time-based blind SQLi technique the attacker can disclose all database contents. Account takeover is a potential outcome depending on the presence or lack thereof entries in...

CVE-2025-0821

Bit Assist plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.5.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2024-7717

The WP Events Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter in all versions up to, and including, 2.1.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

CVE-2024-1514

The WP eCommerce plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'cartcontents' parameter in all versions up to, and including, 3.15.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes ...

CVE-2024-6028

The Quiz Maker plugin for WordPress is vulnerable to time-based SQL Injection via the 'aysquestions' parameter in all versions up to, and including, 6.5.8.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

The vulnerability in the GLPI system’s handling of requests and incidents, related to improper neutralization of special elements used in SQL commands, allows an attacker to carry out an attack based on time, using SQL injections in the REST API user_token.

The vulnerability of the GLPI system for handling requests and incidents is related to the improper neutralization of certain special elements. Exploiting this vulnerability allows a malicious actor to scan server ports or services, and to carry out attacks based on timing, using SQL injections i...

SUSE CVE-2024-5690

By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12...

SQL Injection

librenms/librenms is vulnerable to a SQL Injection. The vulnerability is due to inadequate input validation in the end point POST /search/search=packages within packages.inc.php, allowing a user with global read privileges to execute SQL commands via the package parameter and allows an attacker t...

Computer Laboratory Management System v1.0 - Multiple-SQLi

Title: Computer Laboratory Management System v1.0 - Multiple-SQLi Author: nu11secur1ty Date: 03/28/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/17268/computer-laboratory-management-system-using-php-and-mysql.htmlcomment-104400 Reference:...

BIT-TYPO3-2020-11063

In TYPO3 CMS versions 10.4.0 and 10.4.1, it has been discovered that time-based attacks can be used with the password reset functionality for backend users. This allows an attacker to mount user enumeration based on email addresses assigned to backend user accounts. This has been fixed in 10.4.2...

Checkout Mestres WP < 7.1.9.8 - Authentication Bypass via Password Reset

Description The plugin is vulnerable to authentication bypass due to a weak password reset functionality, allowing unauthenticated attackers to reset the password of arbitrary users to a guessable value based on the current time...