CVE-2020-10220
An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via
An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via
rConfig 3.9.4 and previous versions have unauthenticated compliancepolicies.inc.php SQL injection. Be
rConfig 3.9.4 and previous versions have unauthenticated compliancepolicyelements.inc.php SQL injecti
rConfig 3.9.4 and previous versions have unauthenticated devices.inc.php SQL injection. Because, by d
rConfig 3.9.4 and previous versions have unauthenticated snippets.inc.php SQL injection. Because, by
A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin. The vulnerabili
The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection.
FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /n
Artica Web Proxy 4.30.00000000 allows a remote attacker to bypass privilege detection and gain web bac
SQL injection vulnerability in the wp_where function in WeiPHP 5.0.
Sourcecodester Hotel and Lodge Management System 2.0 is vulnerable to unauthenticated SQL injection
SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajax_street.php.
SQL Injection in 74cms 3.2.0 via the query parameter to plus/ajax_common.php.
SQL Injection in 74cms 3.2.0 via the x parameter to ajax_officebuilding.php.
SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php.
In the PrestaShop module 'productcomments' before version 4.2.1, an attacker can use a Blind SQL inj
An unauthenticated SQL Injection vulnerability in Good Layers LMS Plugin <= 2.1.4 exists due to the
The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function.
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword func
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php newpassword functi
CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR error-based
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple SQL injection vulnerabilitie
PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by
openSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of i
Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untruste
**Resolved** When using H2/MySQL/TiDB as Apache SkyWalking storage, the metadata query through GraphQL
An improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that coul
The request_list_request AJAX call of the Car Seller - Auto Classifieds Script WordPress plugin thro
The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1.5.3 did not sanitise, es
The Paytm – Donation Plugin WordPress plugin through 1.3.2 does not sanitise, validate or escape the
The G Auto-Hyperlink WordPress plugin through 1.0.1 does not sanitise or escape an 'id' GET paramete
The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invit
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly sanitise
The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET pa
The Header Footer Code Manager WordPress plugin before 1.1.14 does not validate and escape the 'orde
The Asgaros Forum WordPress plugin before 1.15.13 does not validate and escape user input when subsc
The wcfm_ajax_controller AJAX action of the WCFM Marketplace WordPress plugin before 3.4.12, availab
The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its rm_chronos_a
The Contest Gallery WordPress plugin before 13.1.0.6 does not have capability checks and does not sa
The Secure Copy Content Protection and Content Locking WordPress plugin before 2.8.2 does not escape
The Registrations for the Events Calendar WordPress plugin before 2.7.6 does not sanitise and escape
The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitise and escape the time
The Paid Memberships Pro WordPress plugin before 2.6.7 does not escape the discount_code in one of i
An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. An unauthenticated attac
SQL injection in the expertise parameter in search_result.php in Doctor Appointment System v1.0 allo
SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to in
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated atta
Blind SQL injection in contactus.php in doctor appointment system 1.0 allows an unauthenticated atta
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated atta
Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated atta
The 'order_col' parameter in archive.php of SEO Panel 4.8.0 is vulnerable to time-based blind SQL in
ZEROF Web Server 1.0 (April 2021) allows SQL Injection via the /HandleEvent endpoint for the login p
The store system in PrestaShop 1.7.7.0 allows time-based boolean SQL injection via the module=produc
A SQL Injection vulnerability in the REST API in Layer5 Meshery 0.5.2 allows an attacker to execute
woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg Blocks. An SQL in
A SQL Injection issue in the list controller of the Prestahome Blog (aka ph_simpleblog) module befor
Multiple SQL injection vulnerabilities in SmartDataSoft SmartBlog for PrestaShop before 4.06 allow a
Virtua Cobranca before 12R allows SQL Injection on the login page.
Cachet is an open source status page. With Cachet prior to and including 2.3.18, there is a SQL inje
SQL injection vulnerability in Login.php in Sourcecodester Purchase Order Management System v1 by or
ECShop 4.1.0 has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitiv
An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through t
An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through t
BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated r
A SQL Injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System i
SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the use
An unauthenticated SQL Injection vulnerability in Rosario Student Information System (aka rosariosis
The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the bwg_tag_id
The Popup Builder WordPress plugin before 4.0.7 does not validate and properly escape the orderby an
The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nx_id parameter bef
The TI WooCommerce Wishlist WordPress plugin before 1.40.1, TI WooCommerce Wishlist Pro WordPress pl
The Page View Count WordPress plugin before 2.4.15 does not sanitise and escape the post_ids paramet
The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and p
The CommonsBooking WordPress plugin before 2.6.8 does not sanitise and escape the location parameter
The Master Elements WordPress plugin through 8.0 does not validate and escape the meta_ids parameter
The Infographic Maker WordPress plugin before 4.3.8 does not validate and escape the post_id paramet
The Simple Link Directory WordPress plugin before 7.7.2 does not validate and escape the post_id par
The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the data_target
The Documentor WordPress plugin through 1.5.3 fails to sanitize and escape user input before it is b
The Nirweb support WordPress plugin before 2.8.2 does not sanitise and escape a parameter before usi
The Title Experiments Free WordPress plugin before 9.0.1 does not sanitise and escape the id paramet
The Daily Prayer Time WordPress plugin before 2022.03.01 does not sanitise and escape the month para
The KiviCare WordPress plugin before 2.3.9 does not sanitise and escape some parameters before using
The Limit Login Attempts (Spam Protection) WordPress plugin before 5.1 does not sanitise and escape
The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitis
The Ubigeo de Perú para Woocommerce WordPress plugin before 3.6.4 does not properly sanitise and esc
The BadgeOS WordPress plugin through 3.7.0 does not sanitise and escape a parameter before using it
The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before
The Bestbooks WordPress plugin through 2.6.3 does not sanitise and escape some parameters before usi
The SpeakOut! Email Petitions WordPress plugin before 2.14.15.1 does not sanitise and escape the id
The Order Listener for WooCommerce WordPress plugin before 3.2.2 does not sanitise and escape the id
The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin
The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST
The Pricing Deals for WooCommerce WordPress plugin through 2.0.2.02 does not properly sanitise and e
The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to insufficien
SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0.
WordPress is a free and open-source content management system written in PHP and paired with a Maria
A SQL injection vulnerability in the product_all_one_img and image_product parameters of the ApolloT
MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in
The query API in Casdoor before 1.13.1 has a SQL injection vulnerability related to the field and va
AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php.
A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileg
Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/
Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/
Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/
An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is an unaut
MCMS v5.2.4 was discovered to contain a SQL injection vulnerability via search.do in the file /mdiy/
The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and p
The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and p
Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin
A SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used
CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via the menu_filter parameter
CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via /administrator/alerts/aler
Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /p
Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /p
AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_pages.php
College Management System v1.0 was discovered to contain a SQL injection vulnerability via the cours
Royal Event Management System v1.0 was discovered to contain a SQL injection vulnerability via the t
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel o
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel o
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel o
NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection v
School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts/payment_history.p
The NEX-Forms WordPress plugin before 7.9.7 does not properly sanitise and escape user input before
Online Fire Reporting System 1.0 is vulnerable to SQL Injection via the date parameter.
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=reports&date=
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=user/manage_u
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=dele
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=dele
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=dele
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/manage_
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/view_te
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/view
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/mana
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/requests/take_actio
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/company/index.
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=category
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=hiring&s
Car Rental Management System v1.0 is vulnerable to SQL Injection via /ip/car-rental-management-syste
Car Rental Management System v1.0 is vulnerable to SQL Injection via car-rental-management-system/bo
Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/a
Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/a
Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/a
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the logi
Multiple Unauthenticated SQL Injection (SQLi) vulnerabilities in Osamaesh WP Visitor Statistics plug
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the edit
The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a paramete
Hospital Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via
SQL Injection vulnerability in Simple Task Managing System version 1.0 in login.php in 'username' an
The WP User WordPress plugin through 7.0 does not properly sanitize and escape a parameter before us
The JoomSport WordPress plugin before 5.2.8 does not properly sanitise and escape a parameter before
The Cryptocurrency Widgets Pack WordPress plugin before 2.0 does not sanitise and escape some parame
The IWS WordPress plugin through 1.0 does not properly escape a parameter before using it in a SQL s
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in dele
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phas
The Fontsy WordPress plugin through 1.8.6 does not properly sanitize and escape a parameter before u
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
There is a SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability ca
mesinkasir Bangresto 1.0 is vulnerable to SQL Injection via the itemqty%5B%5D parameter.
The WP TripAdvisor Review Slider WordPress plugin before 10.8 does not properly sanitise and escape
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 6.9 does not escape user input
The Pricing Table Builder WordPress plugin through 1.1.6 does not properly sanitise and escape a par
The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a para
The Video List Manager WordPress plugin through 1.7 does not properly sanitise and escape a paramete
The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using
A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM O
Canteen Management System 1.0 is vulnerable to SQL Injection via /php_action/getOrderReport.php.
The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is affected by an unauthenticated SQL in
The Easy Digital Downloads WordPress Plugin, versions 3.1.0.2 & 3.1.0.3, is affected by an unauthent
The Login with Phone Number WordPress Plugin, version < 1.4.2, is affected by an authenticated SQL i
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields paramet
Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related
The AN_GradeBook WordPress plugin through 5.0.1 does not properly sanitise and escape a parameter be
PrestaShop jmsblog 2.5.5 was discovered to contain a SQL injection vulnerability.
The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the `type` parameter in
IDURAR ERP/CRM v1 was discovered to contain a SQL injection vulnerability via the component /api/log
Insufficient validation of profile field availability condition resulted in an SQL injection risk (b
The Gift Cards (Gift Vouchers and Packages) WordPress Plugin, version <= 4.3.1, is affected by an un
Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the passw
SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attac
SourceCodester Online Pizza Ordering System v1.0 is vulnerable to SQL Injection via the QTY paramete
PrestaShop leocustomajax 1.0 and 1.0.0 are vulnerable to SQL Injection via modules/leocustomajax/leo
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
rudder-server is part of RudderStack, an open source Customer Data Platform (CDP). Versions of rudde
A SQL injection issue in Logbuch in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allow
SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows
Chitor-CMS before v1.1.2 was discovered to contain multiple SQL injection vulnerabilities.
A SQL Injection attack in FUXA <= 1.1.12 allows exfiltration of confidential information from the da
FUXA <= 1.1.12 is vulnerable to SQL Injection via /api/signin.
SQL injection vulnerability in diskusi.php in eNdonesia 8.7, allows an attacker to execute arbitrary
Old Age Home Management 1.0 is vulnerable to SQL Injection via the username parameter.
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_
Sourcecodester Enrollment System Project V1.0 is vulnerable to SQL Injection (SQLI) attacks, which a
Lost and Found Information System v1.0 was discovered to contain a SQL injection vulnerability via t
hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability.
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5
Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL Injection.
jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability in the id parameter of the /jeecg-boot/jm
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the gid parameter at ad
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the lid parameter at ad
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the tid parameter at ad
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the userid parameter at
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at ad
SQL Injection vulnerability in smanga version 3.1.9 and earlier, allows remote attackers to execute
SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries vi
In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0
Piwigo is open source photo gallery software. Prior to version 13.8.0, there is a SQL Injection vuln
Art Gallery Management System v1.0 contains a SQL injection vulnerability via the cid parameter at /
Online Shopping Portal Project v3.1 was discovered to contain a SQL injection vulnerability via the
Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries
SQL injection vulnerability in Vtiger CRM v.7.5.0 allows a remote authenticated attacker to escalate
Cacti is an open source operational monitoring and fault management framework. Affected versions are
PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.
SQL injection vulnerability in the miniform module in WBCE CMS v.1.6.0 allows remote unauthenticated
In appendEscapedSQLString of DatabaseUtils.java, there is a possible SQL injection due to unsafe des
A SQL injection vulnerability in Nagios XI from version 5.11.0 up to and including 5.11.1 allows aut
A SQL injection vulnerability in Nagios XI v5.11.1 and below allows authenticated attackers with ann
SQL injection vulnerability in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote attacker to exe
Super Store Finder v3.6 was discovered to contain multiple SQL injection vulnerabilities in the stor
Emlog version pro2.1.14 was discovered to contain a SQL injection vulnerability via the uid paramete
Blind SQL injection in api_id parameter in Tyk Gateway version 5.0.3 allows attacker to access and d
Blind SQL injection in api_version parameter in Tyk Gateway version 5.0.3 allows attacker to access
Projectworldsl Assets-management-system-in-php 1.0 is vulnerable to SQL Injection via the 'id' param
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
SQL Injection vulnerability in Koha Library Software 23.0.5.04 and before allows a remote attacker t
SQL Injection vulnerability in Macrob7 Macs CMS 1.1.4f, allows remote attackers to execute arbitrary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to
SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to
SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 allows attackers to
SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run ar
SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run ar
SQL Injection vulnerability in Relativity ODA LLC RelativityOne v.12.1.537.3 Patch 2 and earlier all
SQL injection vulnerability in Knovos Discovery v.22.67.0 allows a remote attacker to execute arbitr
Nagios XI before version 5.11.3 was discovered to contain a SQL injection vulnerability via the bulk
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the email par
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the username
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the lastname
The CRM Integration in 3CX before 18.0.9.23 and 20 before 20.0.0.1494 allows SQL Injection via a fir
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parame
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parame
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the subject p
Hotel Booking Management v1.0 was discovered to contain a SQL injection vulnerability via the npss p
Hotel Booking Management v1.0 was discovered to contain a SQL injection vulnerability via the id par
Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_s
Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_s
Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind
SQL Injection vulnerability in the Simple Student Attendance System v.1.0 allows a remote attacker t
SQL injection vulnerability in StackIdeas EasyDiscuss v.5.0.5 and fixed in v.5.0.10 allows a remote
The ChatBot plugin for WordPress is vulnerable to SQL Injection via the $strid parameter in versions
The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to SQL Injection via t
The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter
The 'My Calendar' WordPress Plugin, version < 3.4.22 is affected by an unauthenticated SQL injection
The LearnPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order_by’ par
The 'HTML5 Video Player' WordPress Plugin, version < 2.5.25 is affected by an unauthenticated SQL in
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Mem
SQL injection vulnerability in Badger Meter Monitool affecting versions 4.6.3 and earlier. A remote
The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is vuln
The NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With
SQL injection vulnerability in Projectworlds Visitor Management System in PHP v.1.0 allows a remote
Sourcecodester Login System with Email Verification 1.0 allows SQL Injection via the 'user' paramete
Sourcecodester Daily Habit Tracker App 1.0 allows SQL Injection via the parameter 'tracker.'
Sourcecodester School Task Manager App 1.0 allows SQL Injection via the 'task' parameter.
Sourcecodester School Task Manager 1.0 allows SQL Injection via the 'subject' parameter.
SQL Injection vulnerability in Nagios XI 2024R1.01 allows a remote attacker to execute arbitrary cod
SQL Injection vulnerability in ABO.CMS version 5.8, allows remote attackers to execute arbitrary cod
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup acti
SQL Injection vulnerability in ECshop 4.x allows an attacker to obtain sensitive information via the
The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'attribute_value' a