4 matches found
WordPress Dokan Pro plugin <= 5.0.4 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by lb in WordPress Plugin Dokan Pro versions = 5.0.4...
EUVD-2026-36795
Metacat is data repository software that helps researchers preserve, share, and discover data. Versions 2.0.0 and and above contain an unauthenticated SQL injection in the /harvesterRegistration endpoint. HarvesterRegistration.dbInsert builds an INSERT against HARVESTSITESCHEDULE via string...
CVE-2026-40838 Authenticated SQLi in getDeviceScalings function
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getDeviceScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2023-48716
Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'classid' parameter of the addclasses.php resource does not validate the characters received and they are sent unfiltered to the database...