Tag
high
advisory
CVE-2018-25428: Paroiciel 11.20 SQL Injection Vulnerability
1 rule 1 TTP 1 CVEParoiciel 11.20 is vulnerable to SQL injection, allowing unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the tRecIdListe parameter via GET requests to the trec.php endpoint, enabling attackers to extract sensitive database information.
Paroiciel 11.20
sql-injection
cve-2018-25428
web-application
attack.initial_access
1r
1t
1c
high
advisory
CVE-2026-7797: WordPress Simply Schedule Appointments Plugin Time-Based Blind SQL Injection
2 rules 1 TTP 1 CVEThe Appointment Booking Calendar WordPress plugin is vulnerable to time-based blind SQL Injection (CVE-2026-7797) via the 'append_where_sql' parameter, allowing unauthenticated attackers to extract sensitive information from the database by injecting SQL queries through the /appointments/bulk REST endpoint with a specific request format.
Appointment Booking Calendar - Simply Schedule Appointments Booking Plugin
wordpress
sqli
cve-2026-7797
attack.initial_access
2r
1t
1c