271 docs tagged with "SQL_Injection_Vulnerability"

An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via

rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. Be

rConfig 3.9.4 and previous versions has unauthenticated compliancepolicyelements.inc.php SQL injecti

rConfig 3.9.4 and previous versions has unauthenticated devices.inc.php SQL injection. Because, by d

rConfig 3.9.4 and previous versions has unauthenticated snippets.inc.php SQL injection. Because, by

A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin. The vulnerabili

The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection.

FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /n

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web bac

SQL injection vulnerability in the wp_where function in WeiPHP 5.0.

Sourcecodester Hotel and Lodge Management System 2.0 is vulnerable to unauthenticated SQL injection

SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajax_street.php.

SQL Injection in 74cms 3.2.0 via the query parameter to plus/ajax_common.php.

SQL Injection in 74cms 3.2.0 via the x parameter to ajax_officebuilding.php.

SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php.

In the PrestaShop module 'productcomments' before version 4.2.1, an attacker can use a Blind SQL inj

An unauthenticated SQL Injection vulnerability in Good Layers LMS Plugin <= 2.1.4 exists due to the

The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function.

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword func

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php newpassword functi

CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR error-based

PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple SQL injection vulnerabilitie

PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by

openSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of i

Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untruste

**Resolved** When use H2/MySQL/TiDB as Apache SkyWalking storage, the metadata query through GraphQL

A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that coul

The request_list_request AJAX call of the Car Seller - Auto Classifieds Script WordPress plugin thro

The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1.5.3 did not sanitise, es

The Paytm – Donation Plugin WordPress plugin through 1.3.2 does not sanitise, validate or escape the

The G Auto-Hyperlink WordPress plugin through 1.0.1 does not sanitise or escape an 'id' GET paramete

The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invit

The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly sanitise

The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET pa

The Header Footer Code Manager WordPress plugin before 1.1.14 does not validate and escape the 'orde

The Asgaros Forum WordPress plugin before 1.15.13 does not validate and escape user input when subsc

The wcfm_ajax_controller AJAX action of the WCFM Marketplace WordPress plugin before 3.4.12, availab

The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its rm_chronos_a

The Contest Gallery WordPress plugin before 13.1.0.6 does not have capability checks and does not sa

The Secure Copy Content Protection and Content Locking WordPress plugin before 2.8.2 does not escape

The Registrations for the Events Calendar WordPress plugin before 2.7.6 does not sanitise and escape

The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitise and escape the time

The Paid Memberships Pro WordPress plugin before 2.6.7 does not escape the discount_code in one of i

An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. An unauthenticated attac

SQL injection in the expertise parameter in search_result.php in Doctor Appointment System v1.0 allo

SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to in

Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated atta

Blind SQL injection in contactus.php in doctor appointment system 1.0 allows an unauthenticated atta

Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated atta

Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated atta

The 'order_col' parameter in archive.php of SEO Panel 4.8.0 is vulnerable to time-based blind SQL in

ZEROF Web Server 1.0 (April 2021) allows SQL Injection via the /HandleEvent endpoint for the login p

The store system in PrestaShop 1.7.7.0 allows time-based boolean SQL injection via the module=produc

A SQL Injection vulnerability in the REST API in Layer5 Meshery 0.5.2 allows an attacker to execute

woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg Blocks. An SQL in

A SQL Injection issue in the list controller of the Prestahome Blog (aka ph_simpleblog) module befor

Multiple SQL injection vulnerabilities in SmartDataSoft SmartBlog for PrestaShop before 4.06 allow a

Virtua Cobranca before 12R allows SQL Injection on the login page.

Cachet is an open source status page. With Cachet prior to and including 2.3.18, there is a SQL inje

SQL injection vulnerability in Login.php in Sourcecodester Purchase Order Management System v1 by or

ECShop 4.1.0 has SQL injection vulnerability, which can be exploited by attackers to obtain sensitiv

An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through t

An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through t

BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated r

A SQL Injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System i

SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the use

An unauthenticated SQL Injection vulnerability in Rosario Student Information System (aka rosariosis

The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the bwg_tag_id

The Popup Builder WordPress plugin before 4.0.7 does not validate and properly escape the orderby an

The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nx_id parameter bef

The TI WooCommerce Wishlist WordPress plugin before 1.40.1, TI WooCommerce Wishlist Pro WordPress pl

The Page View Count WordPress plugin before 2.4.15 does not sanitise and escape the post_ids paramet

The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and p

The CommonsBooking WordPress plugin before 2.6.8 does not sanitise and escape the location parameter

The Master Elements WordPress plugin through 8.0 does not validate and escape the meta_ids parameter

The Infographic Maker WordPress plugin before 4.3.8 does not validate and escape the post_id paramet

The Simple Link Directory WordPress plugin before 7.7.2 does not validate and escape the post_id par

The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the data_target

The Documentor WordPress plugin through 1.5.3 fails to sanitize and escape user input before it is b

The Nirweb support WordPress plugin before 2.8.2 does not sanitise and escape a parameter before usi

The Title Experiments Free WordPress plugin before 9.0.1 does not sanitise and escape the id paramet

The Daily Prayer Time WordPress plugin before 2022.03.01 does not sanitise and escape the month para

The KiviCare WordPress plugin before 2.3.9 does not sanitise and escape some parameters before using

The Limit Login Attempts (Spam Protection) WordPress plugin before 5.1 does not sanitise and escape

The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitis

The Ubigeo de Perú para Woocommerce WordPress plugin before 3.6.4 does not properly sanitise and esc

The BadgeOS WordPress plugin through 3.7.0 does not sanitise and escape a parameter before using it

The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before

The Bestbooks WordPress plugin through 2.6.3 does not sanitise and escape some parameters before usi

The SpeakOut! Email Petitions WordPress plugin before 2.14.15.1 does not sanitise and escape the id

The Order Listener for WooCommerce WordPress plugin before 3.2.2 does not sanitise and escape the id

The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin

The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST

The Pricing Deals for WooCommerce WordPress plugin through 2.0.2.02 does not properly sanitise and e

The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to insufficien

SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0.

WordPress is a free and open-source content management system written in PHP and paired with a Maria

A SQL injection vulnerability in the product_all_one_img and image_product parameters of the ApolloT

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in

The query API in Casdoor before 1.13.1 has a SQL injection vulnerability related to the field and va

AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php.

A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileg

Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/

Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/

Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is an unaut

MCMS v5.2.4 was discovered to contain a SQL injection vulnerability via search.do in the file /mdiy/

The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and p

The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and p

Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin

A SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used

CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via the menu_filter parameter

CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via /administrator/alerts/aler

Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /p

Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /p

AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_pages.php

College Management System v1.0 was discovered to contain a SQL injection vulnerability via the cours

Royal Event Management System v1.0 was discovered to contain a SQL injection vulnerability via the t

Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel o

Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel o

Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel o

NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection v

School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts/payment_history.p

The NEX-Forms WordPress plugin before 7.9.7 does not properly sanitise and escape user input before

Online Fire Reporting System 1.0 is vulnerable to SQL Injection via the date parameter.

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=reports&date=

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=user/manage_u

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=dele

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=dele

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=dele

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/manage_

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/view_te

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/view

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/mana

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/requests/take_actio

Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/company/index.

Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=category

Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=hiring&s

Car Rental Management System v1.0 is vulnerable to SQL Injection via /ip/car-rental-management-syste

Car Rental Management System v1.0 is vulnerable to SQL Injection via car-rental-management-system/bo

Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/a

Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/a

Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/a

Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the logi

Multiple Unauthenticated SQL Injection (SQLi) vulnerabilities in Osamaesh WP Visitor Statistics plug

Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the edit

The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a paramete

Hospital Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via

SQL Injection vulnerability in Simple Task Managing System version 1.0 in login.php in 'username' an

The WP User WordPress plugin through 7.0 does not properly sanitize and escape a parameter before us

The JoomSport WordPress plugin before 5.2.8 does not properly sanitise and escape a parameter before

The Cryptocurrency Widgets Pack WordPress plugin before 2.0 does not sanitise and escape some parame

The IWS WordPress plugin through 1.0 does not properly escape a parameter before using it in a SQL s

webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in dele

webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phas

The Fontsy WordPress plugin through 1.8.6 does not properly sanitize and escape a parameter before u

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i

There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability ca

mesinkasir Bangresto 1.0 is vulnberable to SQL Injection via the itemqty%5B%5D parameter.

The WP TripAdvisor Review Slider WordPress plugin before 10.8 does not properly sanitise and escape

The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 6.9 does not escape user input

The Pricing Table Builder WordPress plugin through 1.1.6 does not properly sanitise and escape a par

The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a para

The Video List Manager WordPress plugin through 1.7 does not properly sanitise and escape a paramete

The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using

A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM O

Canteen Management System 1.0 is vulnerable to SQL Injection via /php_action/getOrderReport.php.

The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is affected by an unauthenticated SQL in

The Easy Digital Downloads WordPress Plugin, versions 3.1.0.2 & 3.1.0.3, is affected by an unauthent

The Login with Phone Number WordPress Plugin, version < 1.4.2, is affected by an authenticated SQL i

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields paramet

Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related

The AN_GradeBook WordPress plugin through 5.0.1 does not properly sanitise and escape a parameter be

PrestaShop jmsblog 2.5.5 was discovered to contain a SQL injection vulnerability.

The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the `type` parameter in

IDURAR ERP/CRM v1 was discovered to contain a SQL injection vulnerability via the component /api/log

Insufficient validation of profile field availability condition resulted in an SQL injection risk (b

The Gift Cards (Gift Vouchers and Packages) WordPress Plugin, version <= 4.3.1, is affected by an un

Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the passw

SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attac

SourceCodester Online Pizza Ordering System v1.0 is vulnerable to SQL Injection via the QTY paramete

PrestaShop leocustomajax 1.0 and 1.0.0 are vulnerable to SQL Injection via modules/leocustomajax/leo

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i

rudder-server is part of RudderStack, an open source Customer Data Platform (CDP). Versions of rudde

A SQL injection issue in Logbuch in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allow

SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows

Chitor-CMS before v1.1.2 was discovered to contain multiple SQL injection vulnerabilities.

A SQL Injection attack in FUXA <= 1.1.12 allows exfiltration of confidential information from the da

FUXA <= 1.1.12 is vulnerable to SQL Injection via /api/signin.

SQL injection vulnerability in diskusi.php in eNdonesia 8.7, allows an attacker to execute arbitrary

Old Age Home Management 1.0 is vulnerable to SQL Injection via the username parameter.

Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_

Sourcecodester Enrollment System Project V1.0 is vulnerable to SQL Injection (SQLI) attacks, which a

Lost and Found Information System v1.0 was discovered to contain a SQL injection vulnerability via t

hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability.

In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5

Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL Injection.

jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jm

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the gid parameter at ad

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the lid parameter at ad

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the tid parameter at ad

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the userid parameter at

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at ad

SQL Injection vulnerability in smanga version 3.1.9 and earlier, allows remote attackers to execute

SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries vi

In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0

Piwigo is open source photo gallery software. Prior to version 13.8.0, there is a SQL Injection vuln

Art Gallery Management System v1.0 contains a SQL injection vulnerability via the cid parameter at /

Online Shopping Portal Project v3.1 was discovered to contain a SQL injection vulnerability via the

Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries

SQL injection vulnerability in Vtiger CRM v.7.5.0 allows a remote authenticated attacker to escalate

Cacti is an open source operational monitoring and fault management framework. Affected versions are

PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.

SQL injection vulnerability in the miniform module in WBCE CMS v.1.6.0 allows remote unauthenticated

In appendEscapedSQLString of DatabaseUtils.java, there is a possible SQL injection due to unsafe des

A SQL injection vulnerability in Nagios XI from version 5.11.0 up to and including 5.11.1 allows aut

A SQL injection vulnerability in Nagios XI v5.11.1 and below allows authenticated attackers with ann

SQL injection vulnerbility in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote attacker to exe

Super Store Finder v3.6 was discovered to contain multiple SQL injection vulnerabilities in the stor

Emlog version pro2.1.14 was discovered to contain a SQL injection vulnerability via the uid paramete

Blind SQL injection in api_id parameter in Tyk Gateway version 5.0.3 allows attacker to access and d

Blind SQL injection in api_version parameter in Tyk Gateway version 5.0.3 allows attacker to access

Projectworldsl Assets-management-system-in-php 1.0 is vulnerable to SQL Injection via the 'id' param

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i

SQL Injection vulnerability in Koha Library Software 23.0.5.04 and before allows a remote attacker t

SQL Injection vulnerability in Macrob7 Macs CMS 1.1.4f, allows remote attackers to execute arbitrary

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i

SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to

SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to

SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to

SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run ar

SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run ar

SQL Injection vulnerability in Relativity ODA LLC RelativityOne v.12.1.537.3 Patch 2 and earlier all

SQL injection vulnerability in Knovos Discovery v.22.67.0 allows a remote attacker to execute arbitr

Nagios XI before version 5.11.3 was discovered to contain a SQL injection vulnerability via the bulk

Customer Support System v1 was discovered to contain a SQL injection vulnerability via the email par

Customer Support System v1 was discovered to contain a SQL injection vulnerability via the username

Customer Support System v1 was discovered to contain a SQL injection vulnerability via the lastname

The CRM Integration in 3CX before 18.0.9.23 and 20 before 20.0.0.1494 allows SQL Injection via a fir

Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parame

Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parame

Customer Support System v1 was discovered to contain a SQL injection vulnerability via the subject p

Hotel Booking Management v1.0 was discovered to contain a SQL injection vulnerability via the npss p

Hotel Booking Management v1.0 was discovered to contain a SQL injection vulnerability via the id par

Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_s

Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_s

Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind

SQL Injection vulnerability in the Simple Student Attendance System v.1.0 allows a remote attacker t

SQL injection vulnerability in StackIdeas EasyDiscuss v.5.0.5 and fixed in v.5.0.10 allows a remote

The ChatBot plugin for WordPress is vulnerable to SQL Injection via the $strid parameter in versions

The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to SQL Injection via t

The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter

The 'My Calendar' WordPress Plugin, version < 3.4.22 is affected by an unauthenticated SQL injection

The LearnPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order_by’ par

The 'HTML5 Video Player' WordPress Plugin, version < 2.5.25 is affected by an unauthenticated SQL in

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Mem

SQL injection vulnerability in Badger Meter Monitool affecting versions 4.6.3 and earlier. A remote

The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is vuln

The NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With

SQL injection vulnerability in Projectworlds Visitor Management System in PHP v.1.0 allows a remote

Sourcecodester Login System with Email Verification 1.0 allows SQL Injection via the 'user' paramete

Sourcecodester Daily Habit Tracker App 1.0 allows SQL Injection via the parameter 'tracker.'

Sourcecodester School Task Manager App 1.0 allows SQL Injection via the 'task' parameter.

Sourcecodester School Task Manager 1.0 allows SQL Injection via the 'subject' parameter.

SQL Injection vulnerability in Nagios XI 2024R1.01 allows a remote attacker to execute arbitrary cod

SQL Injection vulnerability in ABO.CMS version 5.8, allows remote attackers to execute arbitrary cod

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i

The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup acti

SQL Injection vulnerability in ECshop 4.x allows an attacker to obtain sensitive information via the

The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'attribute_value' a