21 matches found
WordPress plugin Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin SQL Injection Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
CVE-2025-65135
In manikandan580 School-management-system 1.0, a time-based blind SQL injection vulnerability exists in /studentms/admin/between-date-reprtsdetails.php through the fromdate POST parameter...
CVE-2025-9318
The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to time-based SQL Injection via the ‘islinking’ parameter in all versions up to, and including, 10.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...
PT-2025-47880
Name of the Vulnerable Software and Affected Versions Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager versions prior to 4.95 Description The Ads Pro Plugin for WordPress is susceptible to time-based SQL Injection through the site id parameter. Insufficient input validation and query...
EUVD-2021-11316
Malware in sbrugna...
EUVD-2024-23199
Malicious code in bioql PyPI...
EUVD-2025-4531
Malicious code in bioql PyPI...
EUVD-2022-37858
Malicious code in bioql PyPI...
CVE-2025-9451
The CVE relates to the WordPress plugin Smartcat Translator for WPML. It describes a time-based SQL injection via the orderby parameter in all versions up to 3.1.69, caused by insufficient escaping of user input and inadequate preparation of the SQL query. The vulnerability requires authenticatio...
CVE-2025-9463 Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net <= 1.117.5 - Authenticated (Contributor+) SQL Injection via order_by Parameter
The Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 1.117.5 due to insufficient escaping on the user supplied parameter and...
CVE-2025-5590
The Owl carousel responsive plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2024-25896
ChurchCRM 5.5.0 EventEditor.php is vulnerable to Blind SQL Injection Time-based via the EID POST parameter...
CVE-2022-34956
Pligg CMS v2.0.2 was discovered to contain a time-based SQL injection vulnerability via the pagesize parameter at loaddataforgroups.php...
CVE-2024-13909
The Accredible Certificates & Open Badges plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...
PT-2024-16427 · WordPress · Blogger 301 Redirect
Name of the Vulnerable Software and Affected Versions: Blogger 301 Redirect plugin for WordPress versions up to, and including, 2.5.3 Description: The issue is a blind time-based SQL Injection vulnerability via the br parameter. This vulnerability is due to insufficient escaping on the...
GHSA-CWX6-CX7X-4Q34 LibreNMS vulnerable to SQL injection time-based leads to database extraction
Summary SQL injection vulnerability in POST /search/search=packages in LibreNMS 24.3.0 allows a user with global read privileges to execute SQL commands via the package parameter. Details There is a lack of hygiene of data coming from the user in line 83 of the file...
CVE-2024-25897
ChurchCRM 5.5.0 FRCatalog.php is vulnerable to Blind SQL Injection Time-based via the CurrentFundraiser GET parameter...
block.number DOES NOT PROVIDE A FAIR EVALUATION OF TIME MEASUREMENTS WITHIN FUNCTIONS
Lines of code Vulnerability details Impact The SecurityCouncilMemberElectionGovernorCountingUpgradeable.votesToWeight function is used to calculate the weight of a vote for a given proposal, block number, and number of votes. During the weight calculation the weight given for each vote depends on...
CentOS Update for openssh CESA-2017:2563 centos6
Check the version of openssh SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882763";...