Export limit exceeded: 19746 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19746 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-14797 1 Codeastro 1 Apartment Visitor Management System 2026-07-06 6.3 Medium
A vulnerability was determined in CodeAstro Apartment Visitor Management System 1.0. This vulnerability affects unknown code of the file /apartment-visitor/edit-apartment.php. Executing a manipulation of the argument editid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.
CVE-2023-39807 1 Nvki 1 Intelligent Broadband Subscriber Gateway 2026-07-05 9.8 Critical
N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a SQL injection vulnerability via the a_passwd parameter at /portal/user-register.php.
CVE-2024-48733 1 Sas 1 Studio 2026-07-05 8.8 High
SQL injection vulnerability in /SASStudio/sasexec/sessions/{sessionID}/sql in SAS Studio 9.4 allows remote attacker to execute arbitrary SQL commands via the POST body request. NOTE: this is disputed by the vendor because SQL statement execution is allowed for authorized users.
CVE-2026-52673 1 Cboard 1 Cboard 2026-07-05 6.5 Medium
SQL Injection vulnerability in Cboard v.0.4.2 and before allows a remote attacker to execute arbitrary code via the getDimensionsValues component
CVE-2024-28714 1 Crmeb 1 Crmeb Java 2026-07-05 8.1 High
SQL Injection vulnerability in CRMEB_Java e-commerce system v.1.3.4 allows an attacker to execute arbitrary code via the groupid parameter.
CVE-2023-29863 1 Medisys 1 Weblab 2026-07-05 9.8 Critical
Medical Systems Co. Medisys Weblab Products v19.4.03 was discovered to contain a SQL injection vulnerability via the tem:statement parameter in the WSDL files.
CVE-2020-24913 1 Qcubed 1 Qcubed 2026-07-04 9.8 Critical
A SQL injection vulnerability in qcubed (all versions including 3.1.1) in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request.
CVE-2023-33677 2 Oretnom23, Sourcecodester 2 Lost And Found Information System, Lost And Found Information System 2026-07-04 5.4 Medium
Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id=*".
CVE-2026-57679 2026-07-03 9.3 Critical
Unauthenticated SQL Injection in GeekyBot <= 1.2.5 versions.
CVE-2026-13357 2026-07-02 4.9 Medium
The Houzez Property Feed plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in all versions up to, and including, 2.5.46 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query in the prepare_items() method of the Houzez_Property_Feed_Admin_Logs_Export_Table (and Houzez_Property_Feed_Admin_Logs_Import_Table) class. The user-controlled $_GET['orderby'] and $_GET['order'] values are filtered only with sanitize_text_field() and then concatenated into the SQL format string before $wpdb->prepare() is called — prepare() only parameterizes the appended LIMIT/OFFSET clause and cannot retroactively secure the already-tainted ORDER BY clause. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
CVE-2026-57765 2 Levelfourdevelopment, Wordpress 2 Wp-easycart, Wordpress 2026-07-02 8.5 High
Contributor SQL Injection in WP EasyCart <= 5.9.0 versions.
CVE-2026-57752 2026-07-02 8.5 High
Contributor SQL Injection in iNET Webkit 1.2.4 versions.
CVE-2026-57687 2 Hiroaki Miyashita, Wordpress 2 Custom Field Template, Wordpress 2026-07-02 8.5 High
Contributor SQL Injection in Custom Field Template <= 2.7.8 versions.
CVE-2026-14363 2026-07-02 7.3 High
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in The Wikimedia Foundation Mediawiki - Cargo Extension allows SQL Injection. This issue affects Mediawiki - Cargo Extension: from * before 1.43.9,1.44.6,1.45.4.
CVE-2026-9272 1 Progress Software 1 Flowmon Ads 2026-07-02 N/A
In Progress Flowmon ADS versions prior to 12.5.6 and 13.0.5, a vulnerability exists whereby an adversary who is authenticated as a low-privileged user in the Anomaly Detection System (ADS) may send specially crafted requests that could result in unauthorized access to application data and its modification.
CVE-2025-69094 2026-07-02 8.5 High
Subscriber SQL Injection in Unicamp <= 2.2.2 versions.
CVE-2026-14029 2 Trainingbusinesspros, Wordpress 2 Groundhogg — Crm, Newsletters, And Marketing Automation, Wordpress 2026-07-02 6.5 Medium
The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via the 'select' parameter in all versions up to, and including, 4.5.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with custom-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Exploitation requires the attacker to hold a Groundhogg custom role with the view_contacts capability, which is granted by default to several built-in Groundhogg roles above the base subscriber level.
CVE-2026-8441 2026-07-02 7.5 High
The WP Review Slider Pro plugin for WordPress is vulnerable to SQL Injection via the 'notinstring' parameter of the wprp_load_more_revs AJAX action in versions up to, and including, 12.7.2. The parameter is read via $_POST['notinstring'] and passed through sanitize_text_field() — which strips HTML and whitespace but does not provide SQL safety. The value is then concatenated directly into a numeric/unquoted `AND id NOT IN (...)` clause and executed via $wpdb->get_results() without $wpdb->prepare() or intval() casting. Because the value sits in an unquoted numeric context, WordPress's wp_magic_quotes protection (which only escapes embedded quotes) is ineffective. The AJAX hook is registered via wp_ajax_nopriv_wprp_load_more_revs, and the required check_ajax_referer nonce is publicly available via wp_localize_script on any frontend page that renders the plugin shortcode, so an unauthenticated attacker who can reach a public page hosting the plugin can extract arbitrary data from the database via blind/time-based injection.
CVE-2026-57517 1 Control Web Panel 1 Control Web Panel 2026-07-01 9.8 Critical
Control Web Panel before 0.9.8.1225 contains a blind SQL injection vulnerability that allows unauthenticated remote attackers to execute arbitrary SQL queries by submitting unsanitized input through the userRes POST parameter at the user endpoint. Attackers can exploit MySQL root privileges obtained via the injection to write arbitrary files using INTO DUMPFILE, enabling deployment of a PHP webshell to the web-accessible roundcube logs directory and achieving remote code execution as the cwpsvc account.
CVE-2026-58521 2026-07-01 N/A
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in The Wikimedia Foundation Mediawiki - Cargo Extension allows SQL Injection. This issue affects Mediawiki - Cargo Extension: from * before 1.43.9,1.44.6,1.45.4.