Total: 18405 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-25521 | 1 Xooscripts | 1 Xoogallery | 2026-03-23 | N/A | 8.2 HIGH |
| XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the gal_id parameter. Attackers can send GET requests to gal.php with malicious gal_id values to extract sensitive database information or modify database contents. | |||||
| CVE-2019-25522 | 1 Xooscripts | 1 Xoogallery | 2026-03-23 | N/A | 8.2 HIGH |
| XooGallery Latest contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through the photo_id parameter. Attackers can send GET requests to photo.php with malicious photo_id values to extract sensitive data, bypass authentication, or modify database contents. | |||||
| CVE-2019-25523 | 1 Xooscripts | 1 Xoogallery | 2026-03-23 | N/A | 8.2 HIGH |
| XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cat_id parameter. Attackers can send GET requests to cat.php with malicious cat_id values to bypass authentication, extract sensitive data, or modify database contents. | |||||
| CVE-2019-25524 | 1 Xooscripts | 1 Xoogallery | 2026-03-23 | N/A | 8.2 HIGH |
| XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET requests to results.php with malicious 'p' values to bypass authentication, extract sensitive data, or modify database contents. | |||||
| CVE-2019-25540 | 1 Netartmedia | 1 Php Mall | 2026-03-23 | N/A | 8.2 HIGH |
| Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through various parameters. Attackers can craft malicious requests with SQL payloads to extract sensitive database information including user credentials and system data. | |||||
| CVE-2019-25541 | 1 Netartmedia | 1 Php Mall | 2026-03-23 | N/A | 8.2 HIGH |
| Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through unvalidated parameters. Attackers can inject time-based blind SQL payloads via the 'id' parameter in index.php or the 'Email' parameter in loginaction.php to extract sensitive database information. | |||||
| CVE-2026-4473 | 1 Unguardable | 1 Online Doctor Appointment System | 2026-03-23 | 5.8 MEDIUM | 4.7 MEDIUM |
| A vulnerability was detected in itsourcecode Online Doctor Appointment System 1.0. This issue affects some unknown processing of the file /admin/appointment_action.php. The manipulation of the argument appointment_id results in sql injection. The attack can be launched remotely. The exploit is now public and may be used. | |||||
| CVE-2025-67830 | 1 Murasoftware | 1 Mura Cms | 2026-03-21 | N/A | 9.8 CRITICAL |
| Mura before 10.1.14 allows beanFeed.cfc getQuery sortby SQL injection. | |||||
| CVE-2026-33133 | 1 Wegia | 1 Wegia | 2026-03-20 | N/A | 7.2 HIGH |
| WeGIA is a web manager for charitable institutions. In versions 3.6.5 and 3.6.6, the loadBackupDB() function imports SQL files from uploaded backup archives without any content validation. An attacker can craft a backup archive containing arbitrary SQL statements that create rogue administrator accounts, modify existing passwords, or execute any database operation. This was introduced in commit 370104c. This issue was patched in version 3.6.7. | |||||
| CVE-2026-33134 | 1 Wegia | 1 Wegia | 2026-03-20 | N/A | 9.3 CRITICAL |
| WeGIA is a web manager for charitable institutions. Versions 3.6.5 and below contain an authenticated SQL Injection vulnerability in the html/matPat/restaurar_produto.php endpoint. The vulnerability allows an authenticated attacker to inject arbitrary SQL commands via the id_produto GET parameter, leading to full database compromise. In the script /html/matPat/restaurar_produto.php, the application retrieves the id_produto parameter directly from the $_GET global array and interpolates it directly into two SQL query strings without any sanitization, type-casting (e.g., (int)), or using parameterized (prepare/execute) statements. This issue has been fixed in version 3.6.6. | |||||
| CVE-2026-3021 | 1 Wakyma | 1 Wakyma | 2026-03-20 | N/A | 6.5 MEDIUM |
| Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/centro/equipo/empleado'. This vulnerability could allow an authenticated user to alter a GET request to the affected endpoint for the purpose of injecting special NoSQL commands. This would lead to the enumeration of sensitive employee data. | |||||
| CVE-2025-67829 | 1 Murasoftware | 1 Mura Cms | 2026-03-20 | N/A | 9.8 CRITICAL |
| Mura before 10.1.14 allows beanFeed.cfc getQuery sortDirection SQL injection. | |||||
| CVE-2026-31891 | 1 Agentejo | 1 Cockpit | 2026-03-20 | N/A | 7.7 HIGH |
| Cockpit is a headless content management system. Any Cockpit CMS instance running version 2.13.4 or earlier with API access enabled is potentially affected by a SQL Injection vulnerability in the MongoLite Aggregation Optimizer. Any deployment where the `/api/content/aggregate/{model}` endpoint is publicly accessible or reachable by untrusted users may be vulnerable, and attackers in possession of a valid read-only API key (the lowest privilege level) can exploit this vulnerability — no admin access is required. An attacker can inject arbitrary SQL via unsanitized field names in aggregation queries, bypass the `_state=1` published-content filter to access unpublished or restricted content, and extract unauthorized data from the underlying SQLite content database. This vulnerability has been patched in version 2.13.5. The fix applies the same field-name sanitization introduced in v2.13.3 for `toJsonPath()` to the `toJsonExtractRaw()` method in `lib/MongoLite/Aggregation/Optimizer.php`, closing the injection vector in the Aggregation Optimizer. | |||||
| CVE-2025-56421 | 1 Limesurvey | 1 Limesurvey | 2026-03-20 | N/A | 7.5 HIGH |
| SQL Injection vulnerability in LimeSurvey before v.6.15.4+250710 allows a remote attacker to obtain sensitive information from the database. | |||||
| CVE-2025-36368 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2026-03-20 | N/A | 6.5 MEDIUM |
| IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, and 6.2.1.0 through 6.2.1.1_1 are vulnerable to SQL injection. An administrative user could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database. | |||||
| CVE-2026-32888 | | | 2026-03-20 | N/A | 8.8 HIGH |
| Open Source Point of Sale is a web based point-of-sale application written in PHP using CodeIgniter framework. Versions contain an SQL Injection in the Items search functionality. When the custom attribute search feature is enabled (search_custom filter), user-supplied input from the search GET parameter is interpolated directly into a HAVING clause without parameterization or sanitization. This allows an authenticated attacker with basic item search permissions to execute arbitrary SQL queries. A patch did not exist at the time of publication. | |||||
| CVE-2026-32763 | | | 2026-03-20 | N/A | 8.2 HIGH |
| Kysely is a type-safe TypeScript SQL query builder. Versions up to and including 0.28.11 have a SQL injection vulnerability in JSON path compilation for the MySQL and SQLite dialects. The `visitJSONPathLeg()` function appends user-controlled values from `.key()` and `.at()` directly into single-quoted JSON path string literals (`'$.key'`) without escaping single quotes. An attacker can break out of the JSON path string context and inject arbitrary SQL. This is inconsistent with `sanitizeIdentifier()`, which properly doubles delimiter characters for identifiers — both are non-parameterizable SQL constructs requiring manual escaping, but only identifiers are protected. Version 0.28.12 fixes the issue. | |||||
| CVE-2025-69768 | 1 Chyrp | 1 Chyrp | 2026-03-20 | N/A | 7.5 HIGH |
| SQL Injection vulnerability in Chyrp v.2.5.2 and before allows a remote attacker to obtain sensitive information via the Admin.php component. | |||||
| CVE-2026-4223 | 1 Angeljudesuarez | 1 Payroll Management System | 2026-03-20 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was identified in itsourcecode Payroll Management System 1.0. This issue affects some unknown processing of the file /manage_employee.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. | |||||
| CVE-2026-3022 | 1 Wakyma | 1 Wakyma | 2026-03-19 | N/A | 6.5 MEDIUM |
| Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/hospitalization/generate-hospitalization-summary'. This vulnerability could allow an authenticated user to alter a POST request to the affected endpoint for the purpose of injecting special NoSQL commands, resulting in the attacker being able to obtain customer reports. | |||||
