PT-2025-1305 · Avi · Avi Load Balancer

Name of the Vulnerable Software and Affected Versions: Avi Load Balancer versions 30.1.1 through 30.2.2 Description: The Avi Load Balancer contains an unauthenticated blind SQL Injection vulnerability. A malicious user with network access may be able to use specially crafted SQL queries to gain...

WordPress Super Socializer plugin <= 7.14 - Unauthenticated Limited SQL Injection via 'SuperSocializerKey' vulnerability

Unauthenticated Limited SQL Injection via 'SuperSocializerKey' vulnerability discovered by mikemyers in WordPress Plugin Super Socializer versions = 7.14...

CVE-2024-13184 The Ultimate WordPress Toolkit – WP Extended <= 3.0.12 - Unauthenticated SQL Injection via Login Attempts Module

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to time-based SQL Injection via the Login Attempts module in all versions up to, and including, 3.0.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

Exploit for SQL Injection in Microsoft

Microsoft Configuration Manager ConfigMgr / SCCM 2403 Unauth...

Exploit for CVE-2024-54820

Vulnerability: Unauthenticated SQL Injection - Clear Credentia...

Dell Data Lakehouse SQL注入漏洞

Dell Data Lakehouse is a fully integrated data platform from Dell, Inc. Dell Data Lakehouse versions 1.0.0.0 and 1.1.0.0 are vulnerable to a SQL injection vulnerability that stems from the inclusion of a SQL injection flaw that can be exploited by an unauthenticated attacker to cause an informati...

Exploit for SQL Injection in Paloaltonetworks Expedition

CVE-2024-9465: Palo Alto Expedition Unauthenticated SQL Inject...

WordPress Loginizer Log SQL Injection Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Loginizer log SQLi Scanner', 'Description' = %q Loginizer wordpress plugin contains an unauthenticated timebased SQL injection in...

Wordpress Paid Membership Pro Code Unauthenticated SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Paid Membership Pro code Unauthenticated SQLi', 'Description' = %q Paid Membership Pro, a WordPress plugin, prior to 2.9.8 is affected ...

CVE-2024-7854 Woo Inquiry <= 0.1 - Unauthenticated SQL Injection

The Woo Inquiry plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 0.1 due to insufficient escaping on the user supplied parameter 'dbid' and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to...

WordPress SmartSearch WP plugin <= 2.4.4 - Unauthenticated SQLi vulnerability

Unauthenticated SQLi vulnerability discovered by Karolis Narvilas in WordPress Plugin SmartSearch WP versions = 2.4.4...

WordPress WpStickyBar plugin <= 2.1.0 - Unauthenticated SQLi vulnerability

Unauthenticated SQLi vulnerability discovered by Project Black in WordPress Plugin WpStickyBar versions = 2.1.0...

WordPress Quiz Maker plugin <= 6.5.8.3 - Unauthenticated SQL Injection via 'ays_questions' vulnerability

Unauthenticated SQL Injection via 'aysquestions' vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Quiz Maker versions = 6.5.8.3...

WordPress Music Store plugin <= 1.1.13 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Noriko Totsuka JPCERT/CC in WordPress Plugin Music Store versions = 1.1.13...

Exploit for SQL Injection in Bplugins Html5_Video_Player

CVE-2024-5522-Poc CVE-2024-5522 HTML5 Video Player = 2.5.2...

WordPress HTML5 Video Player plugin < 2.5.27 - Unauthenticated SQLi vulnerability

Unauthenticated SQLi vulnerability discovered by Mayank Deshmukh in WordPress Plugin Flash & HTML5 Video versions 2.5.27...

CVE-2024-27956 WordPress Automatic plugin <= 3.92.0 - Unauthenticated Arbitrary SQL Execution vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0...

CVE-2023-33677

Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id="...

CVE-2023-33677

Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id="...

CVE-2024-25833

F-logic DataCube3 v1.0 is vulnerable to unauthenticated SQL injection, which could allow an unauthenticated malicious actor to execute arbitrary SQL queries in database...