LIVE · cybersecurity feed

sql-injection

zeroday.news · 106d ago

CVE-2026-23921: A low privilege Zabbix user with API access can exploit a blind SQL injection vulnerability in include/classes/api

A low privilege Zabbix user with API access can exploit a blind SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL selects via the sortfield parameter. Although query results are not returned directly, an attacker can exfiltrate arbitrary database data through time-based techniques, potentially leading to session identifier disclosure and administrator account compromise.

CVE-2026-30655vulnerability
zeroday.news · 106d ago·medium

CVE-2026-30655: SQL injection in Solicitante::resetaSenha() in esiclivre/esiclivre v0.2.2 and earlier allows unauthenticated remot

SQL injection in Solicitante::resetaSenha() in esiclivre/esiclivre v0.2.2 and earlier allows unauthenticated remote attackers to gain unauthorized access to sensitive information via the cpfcnpj parameter in /reset/index.php

CVE-2019-25643vulnerability
zeroday.news · 106d ago·high

CVE-2019-25643: eNdonesia Portal v8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to exec

eNdonesia Portal v8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the bid parameter. Attackers can send GET requests to banners.php with crafted SQL payloads in the bid parameter to extract sensitive database information from the INFORMATION_SCHEMA tables.

CVE-2019-25642vulnerability
zeroday.news · 106d ago·high

CVE-2019-25642: Bootstrapy CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arb

Bootstrapy CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through POST parameters. Attackers can inject SQL payloads into the thread_id parameter of forum-thread.php, the subject parameter of contact-submit.php, the post-id parameter of post-new-submit.php, and the thread-id parameter to extract sensitive database information or cause denial of service.

CVE-2019-25641vulnerability
zeroday.news · 106d ago·high

CVE-2019-25641: Netartmedia Vlog System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulat

Netartmedia Vlog System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with malicious email values in the forgotten_password module to extract sensitive database information.

CVE-2019-25640vulnerability
zeroday.news · 106d ago·high

CVE-2019-25640: Inout Article Base CMS contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate d

Inout Article Base CMS contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the 'p' and 'u' parameters. Attackers can inject SQL code using XOR-based payloads in GET requests to portalLogin.php to extract sensitive database information or cause denial of service through time-based attacks.

CVE-2019-25639vulnerability
zeroday.news · 106d ago·high

CVE-2019-25639: Matrimony Website Script M-Plus contains multiple SQL injection vulnerabilities that allow unauthenticated attacke

Matrimony Website Script M-Plus contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through various POST parameters. Attackers can inject malicious SQL payloads into parameters like txtGender, religion, Fage, and cboCountry across simplesearch_results.php, advsearch_results.php, specialcase_results.php, locational_results.php, and registration2.php to extract sensitive database information or execute arbitrary SQL commands.

CVE-2019-25638vulnerability
zeroday.news · 106d ago·high

CVE-2019-25638: Meeplace Business Review Script contains an SQL injection vulnerability that allows unauthenticated attackers to e

Meeplace Business Review Script contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to the addclick.php endpoint with crafted SQL payloads in the 'id' parameter to extract sensitive database information or cause denial of service.

CVE-2019-25636vulnerability
zeroday.news · 106d ago·high

CVE-2019-25636: Zeeways Jobsite CMS contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate da

Zeeways Jobsite CMS contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' GET parameter. Attackers can send crafted requests to news_details.php, jobs_details.php, or job_cmp_details.php with malicious 'id' values using GROUP BY and CASE statements to extract sensitive database information.

CVE-2019-25635vulnerability
zeroday.news · 106d ago·high

CVE-2019-25635: Zeeways Matrimony CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to mani

Zeeways Matrimony CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the profile_list endpoint. Attackers can inject SQL code via the up_cast, s_mother, and s_religion parameters to extract sensitive database information using time-based or error-based techniques.

CVE-2026-4662vulnerability
zeroday.news · 106d ago·high

CVE-2026-4662: The JetEngine plugin for WordPress is vulnerable to SQL Injection via the `listing_load_more` AJAX action in all ve

The JetEngine plugin for WordPress is vulnerable to SQL Injection via the `listing_load_more` AJAX action in all versions up to, and including, 3.8.6.1. This is due to the `filtered_query` parameter being excluded from the HMAC signature validation (allowing attacker-controlled input to bypass security checks) combined with the `prepare_where_clause()` method in the SQL Query Builder not sanitizing the `compare` operator before concatenating it into SQL statements. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database, provided the site has a JetEngine Listing Gri

CVE-2026-4632vulnerability
zeroday.news · 106d ago·high

CVE-2026-4632: A weakness has been identified in itsourcecode Online Enrollment System 1.0.

A weakness has been identified in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/user/index.php?view=add of the component Parameter Handler. Executing a manipulation of the argument Name can lead to sql injection. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks.

CVE-2026-4625vulnerability
zeroday.news · 106d ago·high

CVE-2026-4625: A flaw has been found in SourceCodester Online Admission System 1.0.

A flaw has been found in SourceCodester Online Admission System 1.0. This affects an unknown function of the file /programmes.php. Executing a manipulation of the argument program can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used.

CVE-2026-4624vulnerability
zeroday.news · 106d ago·high

CVE-2026-4624: A vulnerability was detected in SourceCodester Online Library Management System 1.0.

A vulnerability was detected in SourceCodester Online Library Management System 1.0. The impacted element is an unknown function of the file /home.php of the component Parameter Handler. Performing a manipulation of the argument searchField results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used.

CVE-2026-3079vulnerability
zeroday.news · 106d ago·medium

CVE-2026-3079: The LearnDash LMS plugin for WordPress is vulnerable to blind time-based SQL Injection via the 'filters[orderby_ord

The LearnDash LMS plugin for WordPress is vulnerable to blind time-based SQL Injection via the 'filters[orderby_order]' parameter in the 'learndash_propanel_template' AJAX action in all versions up to, and including, 5.0.3. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE-2026-4615vulnerability
zeroday.news · 106d ago·high

CVE-2026-4615: A vulnerability was identified in SourceCodester Online Catering Reservation 1.0.

A vulnerability was identified in SourceCodester Online Catering Reservation 1.0. Impacted is an unknown function of the file /search.php. Such manipulation of the argument rcode leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.

CVE-2026-4614vulnerability
zeroday.news · 106d ago·medium

CVE-2026-4614: A vulnerability was determined in itsourcecode sanitize or validate this input 1.0.

A vulnerability was determined in itsourcecode sanitize or validate this input 1.0. This issue affects some unknown processing of the file /admin/subjects.php of the component Parameter Handler. This manipulation of the argument subject_code causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.

CVE-2026-4613vulnerability
zeroday.news · 106d ago·high

CVE-2026-4613: A vulnerability was found in SourceCodester E-Commerce Site 1.0.

A vulnerability was found in SourceCodester E-Commerce Site 1.0. This vulnerability affects unknown code of the file /products.php. The manipulation of the argument Search results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used.

CVE-2026-4306vulnerability
zeroday.news · 106d ago·high

CVE-2026-4306: The WP Job Portal plugin for WordPress is vulnerable to SQL Injection via the 'radius' parameter in all versions up

The WP Job Portal plugin for WordPress is vulnerable to SQL Injection via the 'radius' parameter in all versions up to, and including, 2.4.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE-2026-2412vulnerability
zeroday.news · 106d ago·medium

CVE-2026-2412: The Quiz and Survey Master (QSM) plugin for WordPress is vulnerable to SQL Injection via the 'merged_question' para

The Quiz and Survey Master (QSM) plugin for WordPress is vulnerable to SQL Injection via the 'merged_question' parameter in all versions up to, and including, 10.3.5. This is due to insufficient sanitization of user-supplied input before being used in a SQL query. The sanitize_text_field() function applied to the merged_question parameter does not prevent SQL metacharacters like ), OR, AND, and # from being included in the value, which is then directly concatenated into a SQL IN() clause without using $wpdb->prepare() or casting values to integers. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existi

CVE-2026-4612vulnerability
zeroday.news · 106d ago·high

CVE-2026-4612: A vulnerability has been found in itsourcecode Free Hotel Reservation System 1.0.

A vulnerability has been found in itsourcecode Free Hotel Reservation System 1.0. This affects an unknown part of the file /hotel/admin/mod_users/index.php?view=edit&id=8 of the component Parameter Handler. The manipulation of the argument account_id leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

CVE-2026-4597vulnerability
zeroday.news · 106d ago·medium

CVE-2026-4597: A security flaw has been discovered in 648540858 wvp-GB28181-pro up to 2.7.4.

A security flaw has been discovered in 648540858 wvp-GB28181-pro up to 2.7.4. Impacted is the function selectAll of the file src/main/java/com/genersoft/iot/vmp/streamProxy/dao/provider/StreamProxyProvider.java of the component Stream Proxy Query Handler. The manipulation results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-33651vulnerability
zeroday.news · 107d ago·high

CVE-2026-33651: WWBN AVideo is an open source video platform.

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `remindMe.json.php` endpoint passes `$_REQUEST['live_schedule_id']` through multiple functions without sanitization until it reaches `Scheduler_commands::getAllActiveOrToRepeat()`, which directly concatenates it into a SQL `LIKE` clause. Although intermediate functions (`new Live_schedule()`, `getUsers_idOrCompany()`) apply `intval()` internally, they do so on local copies within `ObjectYPT::getFromDb()`, leaving the original tainted variable unchanged. Any authenticated user can perform time-based blind SQL injection to extract arbitrary database contents. Commit 75d45780728294ededa1e3f842f95295d3e7d144

CVE-2026-4594vulnerability
zeroday.news · 107d ago·high

CVE-2026-4594: A vulnerability has been found in erupts erupt up to 1.13.3.

A vulnerability has been found in erupts erupt up to 1.13.3. Affected by this issue is the function geneEruptHqlOrderBy of the file erupt-data/erupt-jpa/src/main/java/xyz/erupt/jpa/dao/EruptJpaUtils.java. Such manipulation of the argument sort.field leads to sql injection hibernate. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-4593vulnerability
zeroday.news · 107d ago·medium

CVE-2026-4593: A flaw has been found in erupts erupt bis 1.13.3.

A flaw has been found in erupts erupt bis 1.13.3. Affected by this vulnerability is the function EruptDataQuery of the file erupt-ai/src/main/java/xyz/erupt/ai/call/impl/EruptDataQuery.java of the component MCP Tool Interface. This manipulation causes sql injection hibernate. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-33485vulnerability
zeroday.news · 107d ago·high

CVE-2026-33485: WWBN AVideo is an open source video platform.

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the RTMP `on_publish` callback at `plugin/Live/on_publish.php` is accessible without authentication. The `$_POST['name']` parameter (stream key) is interpolated directly into SQL queries in two locations — `LiveTransmitionHistory::getLatest()` and `LiveTransmition::keyExists()` — without parameterized binding or escaping. An unauthenticated attacker can exploit time-based blind SQL injection to extract all database contents including user password hashes, email addresses, and other sensitive data. Commit af59eade82de645b20183cc3d74467a7eac76549 contains a patch.

CVE-2026-33352vulnerability
zeroday.news · 107d ago·critical

CVE-2026-33352: WWBN AVideo is an open source video platform.

WWBN AVideo is an open source video platform. Prior to version 26.0, an unauthenticated SQL injection vulnerability exists in `objects/category.php` in the `getAllCategories()` method. The `doNotShowCats` request parameter is sanitized only by stripping single-quote characters (`str_replace("'", '', ...)`), but this is trivially bypassed using a backslash escape technique to shift SQL string boundaries. The parameter is not covered by any of the application's global input filters in `objects/security.php`. Version 26.0 contains a patch for the issue.

CVE-2025-41008vulnerability
zeroday.news · 107d ago

CVE-2025-41008: SQL injection vulnerability in Sinturno.

SQL injection vulnerability in Sinturno. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'client' parameter in the '/_adm/scripts/modalReport_data.php' endpoint.

CVE-2025-41007vulnerability
zeroday.news · 107d ago

CVE-2025-41007: SQL Injection in Cuantis.

SQL Injection in Cuantis. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'search' parameter in the '/search.php' endpoint.

CVE-2026-32969vulnerability
zeroday.news · 107d ago·high

CVE-2026-32969: An unauthenticated remote attacker can exploit a Pre-Auth blind SQL Injection vulnerability in the userinfo endpoi

An unauthenticated remote attacker can exploit a Pre-Auth blind SQL Injection vulnerability in the userinfo endpoint’s authentication method due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

CVE-2026-4581vulnerability
zeroday.news · 107d ago·high

CVE-2026-4581: A weakness has been identified in code-projects Simple Laundry System 1.0.

A weakness has been identified in code-projects Simple Laundry System 1.0. Affected is an unknown function of the file /checklogin.php of the component Parameters Handler. This manipulation of the argument Username causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks.

CVE-2026-4580vulnerability
zeroday.news · 107d ago·high

CVE-2026-4580: A security flaw has been discovered in code-projects Simple Laundry System 1.0.

A security flaw has been discovered in code-projects Simple Laundry System 1.0. This impacts an unknown function of the file /checkupdatestatus.php of the component Parameters Handler. The manipulation of the argument serviceId results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.

CVE-2026-4579vulnerability
zeroday.news · 107d ago·high

CVE-2026-4579: A vulnerability was identified in code-projects Simple Laundry System 1.0.

A vulnerability was identified in code-projects Simple Laundry System 1.0. This affects an unknown function of the file /viewdetail.php of the component Parameters Handler. The manipulation of the argument serviceId leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

CVE-2026-4574vulnerability
zeroday.news · 107d ago·medium

CVE-2026-4574: A vulnerability was detected in SourceCodester Simple E-learning System 1.0.

A vulnerability was detected in SourceCodester Simple E-learning System 1.0. This vulnerability affects unknown code of the component User Profile Update Handler. The manipulation of the argument firstName results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used.

CVE-2026-4573vulnerability
zeroday.news · 107d ago·medium

CVE-2026-4573: A security vulnerability has been detected in SourceCodester Simple E-learning System 1.0.

A security vulnerability has been detected in SourceCodester Simple E-learning System 1.0. This affects an unknown part of the file /includes/form_handlers/delete_post.php of the component HTTP GET Parameter Handler. The manipulation of the argument post_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.

CVE-2026-4572vulnerability
zeroday.news · 107d ago·medium

CVE-2026-4572: A weakness has been identified in SourceCodester Sales and Inventory System 1.0.

A weakness has been identified in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /view_product.php of the component HTTP POST Request Handler. Executing a manipulation of the argument searchtxt can lead to sql injection. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks.

CVE-2026-4571vulnerability
zeroday.news · 107d ago·medium

CVE-2026-4571: A security flaw has been discovered in SourceCodester Sales and Inventory System 1.0.

A security flaw has been discovered in SourceCodester Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_payments.php of the component HTTP POST Request Handler. Performing a manipulation of the argument searchtxt results in sql injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks.

CVE-2026-4570vulnerability
zeroday.news · 107d ago·medium

CVE-2026-4570: A vulnerability was identified in SourceCodester Sales and Inventory System 1.0.

A vulnerability was identified in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /view_customers.php of the component HTTP POST Request Handler. Such manipulation of the argument searchtxt leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used.

CVE-2026-4569vulnerability
zeroday.news · 107d ago·medium

CVE-2026-4569: A vulnerability was determined in SourceCodester Sales and Inventory System 1.0.

A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This impacts an unknown function of the file /view_category.php of the component HTTP POST Request Handler. This manipulation of the argument searchtxt causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

CVE-2026-4568vulnerability
zeroday.news · 107d ago·medium

CVE-2026-4568: A vulnerability was found in SourceCodester Sales and Inventory System 1.0.

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /update_supplier.php of the component HTTP GET Request Handler. The manipulation of the argument sid results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used.

CVE-2026-2580vulnerability
zeroday.news · 107d ago·high

CVE-2026-2580: The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vu

The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 4.9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE-2026-4550vulnerability
zeroday.news · 108d ago·medium

CVE-2026-4550: A vulnerability has been found in code-projects Simple Gym Management System up to 1.0.

A vulnerability has been found in code-projects Simple Gym Management System up to 1.0. This affects an unknown part of the file /gym/func.php. Such manipulation of the argument Trainer_id/fname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

CVE-2026-4540vulnerability
zeroday.news · 108d ago·high

CVE-2026-4540: A vulnerability was detected in projectworlds Online Notes Sharing System 1.0.

A vulnerability was detected in projectworlds Online Notes Sharing System 1.0. This issue affects some unknown processing of the file /login.php of the component Parameters Handler. The manipulation of the argument User results in sql injection. The attack can be executed remotely. The exploit is now public and may be used.

CVE-2026-4533vulnerability
zeroday.news · 108d ago·medium

CVE-2026-4533: A vulnerability was detected in code-projects Simple Food Ordering System 1.0.

A vulnerability was detected in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file all-tickets.php. The manipulation of the argument Status results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used.

CVE-2026-4530vulnerability
zeroday.news · 108d ago·medium

CVE-2026-4530: A security flaw has been discovered in apconw Aix-DB up to 1.2.3.

A security flaw has been discovered in apconw Aix-DB up to 1.2.3. This impacts an unknown function of the file agent/text2sql/rag/terminology_retriever.py. Performing a manipulation of the argument Description results in sql injection. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2019-25581vulnerability
zeroday.news · 109d ago·high

CVE-2019-25581: i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrar

i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the objGroupID parameter. Attackers can send GET requests with crafted SQL payloads in the objGroupID parameter to extract sensitive database information including usernames, database names, and version details.

CVE-2019-25580vulnerability
zeroday.news · 109d ago·high

CVE-2019-25580: ownDMS 4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL

ownDMS 4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the IMG parameter. Attackers can send GET requests to pdfstream.php, imagestream.php, or anyfilestream.php with crafted SQL payloads in the IMG parameter to extract sensitive database information including version and database names.

CVE-2019-25578vulnerability
zeroday.news · 109d ago·high

CVE-2019-25578: phpTransformer 2016.9 contains an SQL injection vulnerability that allows remote attackers to execute arbitrary SQ

phpTransformer 2016.9 contains an SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the idnews parameter. Attackers can send crafted GET requests to GeneratePDF.php with SQL payloads in the idnews parameter to extract sensitive database information or manipulate queries.

CVE-2019-25576vulnerability
zeroday.news · 109d ago·high

CVE-2019-25576: Kepler Wallpaper Script 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execu

Kepler Wallpaper Script 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the category parameter. Attackers can send GET requests to the category endpoint with URL-encoded SQL UNION statements to extract database information including usernames, database names, and MySQL version details.

CVE-2019-25575vulnerability
zeroday.news · 109d ago·high

CVE-2019-25575: SimplePress CMS 1.0.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arb

SimplePress CMS 1.0.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'p' and 's' parameters. Attackers can send GET requests with crafted SQL payloads to extract sensitive database information including usernames, database names, and version details.

CVE-2019-25573vulnerability
zeroday.news · 109d ago·high

CVE-2019-25573: Green CMS 2.x contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL

Green CMS 2.x contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the cat parameter. Attackers can send GET requests to index.php with m=admin, c=posts, a=index parameters and inject SQL code in the cat parameter to manipulate database queries and extract sensitive information.

CVE-2026-4513vulnerability
zeroday.news · 109d ago·medium

CVE-2026-4513: A vulnerability was detected in vanna-ai vanna up to 2.0.2.

A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function ask of the file vanna\legacy\base\base.py. Performing a manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-4087vulnerability
zeroday.news · 109d ago·medium

CVE-2026-4087: The Pre* Party Resource Hints plugin for WordPress is vulnerable to SQL Injection via the 'hint_ids' parameter of t

The Pre* Party Resource Hints plugin for WordPress is vulnerable to SQL Injection via the 'hint_ids' parameter of the pprh_update_hints AJAX action in all versions up to, and including, 1.8.20. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE-2026-3334vulnerability
zeroday.news · 109d ago·high

CVE-2026-3334: The CMS Commander plugin for WordPress is vulnerable to SQL Injection via the 'or_blogname', 'or_blogdescription',

The CMS Commander plugin for WordPress is vulnerable to SQL Injection via the 'or_blogname', 'or_blogdescription', and 'or_admin_email' parameters in all versions up to, and including, 2.288. This is due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL queries in the restore workflow. This makes it possible for authenticated attackers, with CMS Commander API key access, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE-2026-2503vulnerability
zeroday.news · 109d ago·medium

CVE-2026-2503: The ElementCamp plugin for WordPress is vulnerable to time-based SQL Injection via the 'meta_query[compare]' parame

The ElementCamp plugin for WordPress is vulnerable to time-based SQL Injection via the 'meta_query[compare]' parameter in the 'tcg_select2_search_post' AJAX action in all versions up to, and including, 2.3.6. This is due to the user-supplied compare value being placed as an SQL operator in the query without validation against an allowlist of comparison operators. The value is passed through esc_sql(), but since the payload operates as an operator (not inside quotes), esc_sql() has no effect on payloads that don't contain quote characters. This makes it possible for authenticated attackers, with Author-level access and above, to append additional SQL queries into already existing queries that

CVE-2026-2468vulnerability
zeroday.news · 109d ago·high

CVE-2026-2468: The Quentn WP plugin for WordPress is vulnerable to SQL Injection via the 'qntn_wp_access' cookie in all versions u

The Quentn WP plugin for WordPress is vulnerable to SQL Injection via the 'qntn_wp_access' cookie in all versions up to, and including, 1.2.12. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query in the `get_user_access()` method. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE-2026-2279vulnerability
zeroday.news · 109d ago·high

CVE-2026-2279: The myLinksDump plugin for WordPress is vulnerable to SQL Injection via the 'sort_by' and 'sort_order' parameters i

The myLinksDump plugin for WordPress is vulnerable to SQL Injection via the 'sort_by' and 'sort_order' parameters in all versions up to, and including, 1.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE-2026-1800vulnerability
zeroday.news · 109d ago·high

CVE-2026-1800: The Fonts Manager | Custom Fonts plugin for WordPress is vulnerable to time-based SQL Injection via the ‘fmcfIdSele

The Fonts Manager | Custom Fonts plugin for WordPress is vulnerable to time-based SQL Injection via the ‘fmcfIdSelectedFnt’ parameter in all versions up to, and including, 1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE-2026-4508vulnerability
zeroday.news · 109d ago·high

CVE-2026-4508: A vulnerability was identified in PbootCMS up to 3.2.12.

A vulnerability was identified in PbootCMS up to 3.2.12. The impacted element is the function checkUsername of the file apps/home/controller/MemberController.php of the component Member Login. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used.

CVE-2026-4507vulnerability
zeroday.news · 109d ago·medium

CVE-2026-4507: A vulnerability was determined in Mindinventory MindSQL up to 0.2.1.

A vulnerability was determined in Mindinventory MindSQL up to 0.2.1. The affected element is the function ask_db of the file mindsql/core/mindsql_core.py. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.