Lucene search
K

62 matches found

Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-53269

Name of the Vulnerable Software and Affected Versions FrontAccounting versions prior to 2.4.20 Description An issue exists in the Bank Statement report handler that allows authenticated attackers to extract arbitrary database data. By injecting UNION SELECT payloads into the PARAM 0 POST paramete...

7.1CVSS6AI score0.00148EPSS
Exploits0References6
CVE
CVE
added 2026/06/16 5:33 a.m.13 views

CVE-2026-8443

CVE-2026-8443 affects the WordPress plugin WP Review Slider Pro (versions up to 12.6.8). The vulnerability is an SQL Injection in the wppro_get_overall_chart_data AJAX action, triggered via the stypes and slocations parameters. The root cause is the use of stripslashes() on user-supplied JSON pri...

8.8CVSS5.9AI score0.00253EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.11 views

PT-2026-49619

The WP Review Slider Pro plugin for WordPress is vulnerable to SQL Injection via the 'stypes' and 'slocations' parameters of the wppro get overall chart data AJAX action in versions up to, and including, 12.6.8. This is due to the use of stripslashes on user-supplied JSON strings prior to json...

8.8CVSS5.9AI score0.00253EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.18 views

Thai Palliative SQL注入漏洞

Thai Palliative is a modified version of the PHP framework developed by DAMASAC KKU. Versions of Thai Palliative 3.0 and earlier have a SQL injection vulnerability. This vulnerability arises from the lack of cleaning or parameterization of the idFormMain parameter and the id parameter, which may...

9.8CVSS6.4AI score0.00329EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/06/09 5:34 p.m.8 views

CVE-2026-50636 LimeSurvey RemoteControl invite_participants/remind_participants SQL Injection

The RemoteControl API methods inviteparticipants and remindparticipants pass a caller-supplied token-ID array into TokenDynamic::findUninvited, which concatenates the values directly into a tid IN '...' SQL clause without parameterization or input validation. A remote, authenticated attacker...

8.8CVSS5.8AI score0.00358EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:45 p.m.9 views

CVE-2026-40131

SQL injection vulnerability exists in @sap/hdi-deploy package, where SQL queries are dynamically constructed using user input without proper parameterization or prepared statements. Successful exploitation could allow the high privileged users to alter the SELECT statements impacting...

3.4CVSS5.6AI score0.00173EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.10 views

CVE-2026-41143

YesWiki is a wiki system written in PHP. Prior to version 4.6.1, YesWiki bazar module contains a SQL injection vulnerability in tools/bazar/services/EntryManager.php at line 704. The $data'idfiche' value sourced from $POST'idfiche' is concatenated directly into a raw SQL query without any...

8.8CVSS5.5AI score0.00342EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.10 views

SSCMS SQL注入漏洞

SSCMS SiteServerCMS is a content management system developed by SSCMS Corporation in China. Version 7.4.0 of SSCMS contains an SQL injection vulnerability. This vulnerability arises from the unparametrized or uncleaned direct transmission of the queryString attribute within the stl:sqlContent tag...

8.6CVSS6.1AI score0.00429EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/24 8:52 p.m.2 views

CVE-2026-41478 Saltcorn: SQL Injection via Unparameterized Sync Endpoints (maxLoadedId)

Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.6, 1.5.6, and 1.6.0-beta.5, a SQL injection vulnerability in Saltcorn’s mobile-sync routes allows any authenticated low-privilege user with read access to at least one table to inject arbitrary SQL through...

9.9CVSS5.8AI score0.00264EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/21 7:12 p.m.7 views

CVE-2026-40871 mailcow: dockerized vulnerable to Second Order SQL Injection in quarantine category via API

mailcow: dockerized is an open source groupware/email suite based on docker. Versions prior to 2026-03b have a second-order SQL injection vulnerability in the quarantinecategory field via the Mailcow API. The /api/v1/add/mailbox endpoint stores quarantinecategory without validation or sanitizatio...

7.2CVSS5.9AI score0.09874EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/04/16 10:51 p.m.7 views

Saltcorn: SQL Injection via Unparameterized Sync Endpoints (maxLoadedId)

Summary A critical SQL injection vulnerability in Saltcorn’s mobile-sync routes allows any authenticated low-privilege user with read access to at least one table to inject arbitrary SQL through sync parameters. This can lead to full database exfiltration, including admin password hashes and...

9.9CVSS6.3AI score0.00264EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/04/16 10:51 p.m.7 views

GHSA-JP74-MFRX-3QVH Saltcorn: SQL Injection via Unparameterized Sync Endpoints (maxLoadedId)

Summary A critical SQL injection vulnerability in Saltcorn’s mobile-sync routes allows any authenticated low-privilege user with read access to at least one table to inject arbitrary SQL through sync parameters. This can lead to full database exfiltration, including admin password hashes and...

9.9CVSS6.2AI score0.00264EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/16 7:37 p.m.5 views

EUVD-2026-23291

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the /datasource/getTableField endpoint. The getTableFiledSql method in CalciteProvider.java incorporates the tableName parameter directly into SQL query string...

8.6CVSS6.1AI score0.00349EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/16 7:37 p.m.3 views

CVE-2026-33207 DataEase SQL Injection Vulnerability

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the /datasource/getTableField endpoint. The getTableFiledSql method in CalciteProvider.java incorporates the tableName parameter directly into SQL query string...

8.6CVSS6AI score0.00349EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/03 11:1 p.m.4 views

CVE-2026-34825

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.30, NocoBase plugin-workflow-sql substitutes template variables directly into raw SQL strings via getParsedValue without parameterization or escaping. Any user who...

8.5CVSS6AI score0.00406EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/02 7:6 p.m.22 views

CVE-2026-34825 NocoBase Has SQL Injection via template variable substitution in workflow SQL node

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.30, NocoBase plugin-workflow-sql substitutes template variables directly into raw SQL strings via getParsedValue without parameterization or escaping. Any user who...

8.5CVSS0.00406EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/02 5:59 p.m.3 views

CVE-2026-34717

OpenProject is an open-source, web-based project management software. Prior to version 17.2.3, the =n operator in modules/reporting/lib/report/operator.rb:177 embeds user input directly into SQL WHERE clauses without parameterization. This issue has been patched in version 17.2.3...

9.9CVSS5.8AI score0.0027EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/04/02 5:59 p.m.16 views

CVE-2026-34717

OpenProject vulnerability CVE-2026-34717 affects the cost reporting feature. The issue arises in the =n operator used in modules/reporting/lib/report/operator.rb:177 where user input is embedded directly into SQL WHERE clauses without parameterization, creating a SQL injection risk. The root caus...

9.9CVSS5.8AI score0.0027EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.4 views

PT-2026-29864

OpenProject is an open-source, web-based project management software. Prior to version 17.2.3, the =n operator in modules/reporting/lib/report/operator.rb:177 embeds user input directly into SQL WHERE clauses without parameterization. This issue has been patched in version 17.2.3...

9.9CVSS5.8AI score0.0027EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.8 views

Nocobase SQL注入漏洞

Nocobase is an open-source low-code platform developed by NocoBase. Versions of NocoBase prior to 2.0.30 contained a SQL injection vulnerability. This vulnerability stemmed from the getParsedValue function, which directly substituted template variables into the original SQL string without...

8.5CVSS6AI score0.00406EPSS
Exploits1References3
Rows per page
Query Builder