Sql-Injection

Shandong Hoteam Software PDM Product Data Management System up to version 8.3.9 is vulnerable to SQL injection via manipulation of the SortOrder argument in the GetQueryMachineGridOnePageData function of the /Base/BaseService.asmx/DataService file, allowing remote attackers to potentially execute arbitrary SQL commands.

A SQL injection vulnerability in Acrel Electrical ECEMS Enterprise Microgrid Energy Efficiency Management System 1.3.0 allows remote attackers to execute arbitrary SQL commands by manipulating the 'fCircuitids' argument in the '/SubstationWEBV2/main/elecMaxMinAvgValue' file.

Jinher OA 1.0 is vulnerable to remote SQL injection via the DeptIDList parameter in the /C6/JHSoft.Web.PlanSummarize/UserSel.aspx file, potentially allowing attackers to execute arbitrary SQL queries.

CVE-2026-7632 is a SQL injection vulnerability in code-projects Online Hospital Management System 1.0, allowing a remote attacker to execute arbitrary SQL commands by manipulating the 'delid' argument in the '/viewappointment.php' file.

A time-based SQL injection vulnerability (CVE-2026-4061) exists in the Geo Mashup WordPress plugin (<= 1.13.18) due to insufficient sanitization of the 'map_post_type' parameter, enabling unauthenticated attackers to extract sensitive information via time-based blind SQL injection if the Geo Search feature is enabled.

itsourcecode Courier Management System 1.0 is vulnerable to SQL Injection via the ID parameter in /edit_staff.php, potentially allowing remote attackers to execute arbitrary SQL commands.

SourceCodester Pharmacy Sales and Inventory System 1.0 is vulnerable to remote SQL injection via the ID parameter in the /ajax.php?action=delete_customer endpoint, allowing attackers to potentially read, modify, or delete database information.

CVE-2026-7550 is an SQL injection vulnerability in SourceCodester Pharmacy Sales and Inventory System 1.0, allowing remote attackers to execute arbitrary SQL commands by manipulating the ID argument in the /ajax.php?action=save_customer endpoint.

XATABoost CMS 1.0.0 is vulnerable to union-based SQL injection, allowing unauthenticated attackers to manipulate database queries by injecting SQL code through the id parameter via GET requests to news.php, enabling extraction of sensitive database information.

A remote SQL injection vulnerability (CVE-2026-7389) exists in EyouCMS versions up to 1.7.9 due to improper handling of the 'sort_asc' argument in the GetSortData function, potentially allowing attackers to execute arbitrary SQL commands.

A SQL injection vulnerability exists in dubydu sqlite-mcp version 0.1.0 and earlier within the extract_to_json function allowing remote exploitation through manipulation of the output_filename argument.

A SQL injection vulnerability (CVE-2026-7199) exists in SourceCodester Pharmacy Sales and Inventory System 1.0, allowing remote attackers to execute arbitrary SQL commands by manipulating the 'ID' parameter in the `/ajax.php?action=delete_product` endpoint, potentially leading to data breach or system compromise.

CVE-2026-7131 is a SQL injection vulnerability in code-projects Online Lot Reservation System up to version 1.0, affecting the /loginuser.php component via manipulation of the email/password arguments, which could allow remote attackers to execute arbitrary SQL queries.

A SQL injection vulnerability exists in itsourcecode Construction Management System version 1.0, affecting the processing of the /locations.php file, allowing a remote attacker to inject SQL commands by manipulating the 'address' argument, with a publicly available exploit.

A SQL injection vulnerability exists in CodePanda Source canteen_management_system version 1.0 within the /api/login.php file by manipulating the Username argument, allowing remote attackers to execute arbitrary SQL commands.

A SQL injection vulnerability exists in code-projects Inventory Management System 1.0 within the Login component, specifically affecting the Username argument, where a remote attacker can manipulate the Username parameter, leading to unauthorized data access or modification.

KLiK SocialMediaWebsite up to version 1.0.1 is vulnerable to SQL injection via manipulation of the c_id argument in the /includes/get_message_ajax.php file, specifically affecting the Private Message Handler component, which can be exploited remotely.

A SQL injection vulnerability exists in the Time-Series Database (TSDB) component of COSMOS, allowing an authenticated remote user to execute arbitrary SQL commands, including telemetry data disclosure and deletion.

A SQL injection vulnerability exists in Daptin versions prior to 0.11.4 within the `/aggregate/:typename` endpoint, where the `column` and `group` query parameters are passed to `goqu.L()` without validation, allowing authenticated users to inject arbitrary SQL expressions and exfiltrate sensitive data.

The ElectricSQL sync engine is vulnerable to SQL injection, potentially allowing authenticated users to read, write, and destroy the underlying PostgreSQL database.

Multiple vulnerabilities in OpenBao can be exploited by an attacker to bypass security measures, conduct a denial of service attack, and conduct a SQL injection attack.

A SQL injection vulnerability (CVE-2026-6629) exists in Metasoft MetaCRM up to version 6.4.0, allowing remote attackers to execute arbitrary SQL commands via manipulation of the sql argument in the Statement.executeUpdate function of the sql.jsp file.

Digiwin's EasyFlow .NET is susceptible to a SQL Injection vulnerability, enabling unauthenticated remote attackers to inject arbitrary SQL commands for unauthorized database access, modification, and deletion.

Digiwin EasyFlow .NET is vulnerable to SQL Injection, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.

WeGIA versions prior to 3.6.10 are vulnerable to SQL injection via the cpf_usuario POST parameter, allowing authenticated users to query the database under an arbitrary identity.

PraisonAI is vulnerable to SQL injection across nine database backends due to unsanitized `table_prefix` parameters, and in PostgreSQL due to an unsanitized `schema` parameter, enabling arbitrary SQL execution.

YesWiki is vulnerable to authenticated SQL Injection via the id_fiche parameter in the EntryManager::formatDataBeforeSave() function, allowing attackers to inject arbitrary SQL commands and potentially extract sensitive data.

An SQL Injection vulnerability, identified as CVE-2025-63029, exists in the WC Lovers WCFM Marketplace WordPress plugin up to version 3.7.1, potentially allowing attackers to execute arbitrary SQL queries.

Krayin CRM v2.2.x is vulnerable to SQL injection via the rotten_lead parameter in /Lead/LeadDataGrid.php, potentially allowing attackers to read sensitive data.

A critical SQL injection vulnerability (CVE-2025-63939) exists in the anirudhkannan Grocery Store Management System 1.0, allowing unauthenticated attackers to execute arbitrary SQL queries via the sitem_name POST parameter in /Grocery/search_products_itname.php.

CVE-2026-27681 describes an insufficient authorization check vulnerability in SAP Business Planning and Consolidation and SAP Business Warehouse that allows authenticated users to execute crafted SQL statements, leading to unauthorized data access, modification, and deletion.

A remote attacker can exploit an SQL injection vulnerability (CVE-2026-6167) in the code-projects Faculty Management System 1.0 by manipulating the ID argument in the /subject-print.php file, potentially leading to data exfiltration or modification.

A remote SQL injection vulnerability (CVE-2026-6163) exists in code-projects Lost and Found Thing Management 1.0 via manipulation of the 'cat' parameter in /catageory.php, potentially allowing attackers to read, modify, or delete database information.

CVE-2026-6161 is an unauthenticated SQL injection vulnerability in the Simple ChatBox application (<= 1.0) that can be exploited by sending a crafted HTTP request to `/chatbox/insert.php`.

MyT-PM 1.5.1 is vulnerable to SQL injection, allowing authenticated attackers to execute arbitrary SQL queries via the Charge[group_total] parameter.

eBrigade ERP 4.5 is vulnerable to SQL injection via the 'id' parameter in pdf.php, allowing authenticated attackers to execute arbitrary SQL queries and extract sensitive database information.

A remote SQL injection vulnerability (CVE-2026-6038) exists in the code-projects Vehicle Showroom Management System 1.0, specifically affecting the /util/RegisterCustomerFunction.php file by manipulating the BRANCH_ID argument.

The WordPress adivaha Travel Plugin version 2.3 is vulnerable to time-based blind SQL injection via the 'pid' GET parameter, allowing unauthenticated attackers to inject SQL code through the /mobile-app/v3/ endpoint for potential data extraction or denial of service.

PHPGurukul News Portal Project version 4.1 is vulnerable to SQL injection via the Comment parameter in /news-details.php, potentially allowing remote attackers to execute arbitrary SQL queries.

A remote SQL injection vulnerability (CVE-2026-5829) exists in code-projects Simple IT Discussion Forum 1.0 due to improper handling of the 'post_id' argument in the '/pages/content.php' file, allowing attackers to execute arbitrary SQL queries.

Drizzle ORM versions before 0.45.2 and 1.0.0-beta.20 are vulnerable to SQL injection due to improper escaping of SQL identifiers, allowing attackers to inject malicious SQL code through manipulated input leading to potential data breaches.

A remote SQL injection vulnerability, CVE-2026-5736, exists in PowerJob versions 5.1.0 through 5.1.2 within the detailPlus Endpoint, potentially allowing unauthenticated attackers to execute arbitrary SQL queries.

Windmill CE/EE versions 1.276.0 through 1.603.2 are vulnerable to SQL injection in the folder ownership management, allowing authenticated attackers to inject SQL through the owner parameter, leading to sensitive data access, token forgery, and arbitrary code execution.

ChurchCRM versions prior to 7.1.0 are vulnerable to SQL injection via the NewRole POST parameter, allowing authenticated users with the ManageGroups role to execute arbitrary SQL commands.

WeGIA web manager versions prior to 3.6.9 are vulnerable to SQL injection, allowing authenticated users to execute arbitrary SQL commands by directly interpolating the id_memorando parameter from $_REQUEST into SQL queries without validation, as identified by CVE-2026-35395.

The Media Library Assistant WordPress plugin through version 3.34 is vulnerable to SQL injection, allowing attackers to manipulate database queries.

GLPI versions 11.0.0 to before 11.0.6 are susceptible to an unauthenticated time-based blind SQL injection vulnerability in the search engine, allowing remote attackers to potentially extract sensitive information.

A SQL injection vulnerability (CVE-2026-5637) exists in projectworlds Car Rental System 1.0's /message_admin.php, allowing remote attackers to execute arbitrary SQL commands by manipulating the 'Message' argument.

Kados R10 GreenBee is vulnerable to SQL injection (CVE-2019-25704), allowing attackers to manipulate database queries via the filter_user_mail parameter, potentially leading to data extraction or modification.

Kados R10 GreenBee is vulnerable to SQL injection via the id_project parameter, allowing attackers to manipulate database queries to extract sensitive information or modify data.

C4G Basic Laboratory Information System 3.4 is vulnerable to SQL injection, allowing unauthenticated attackers to execute arbitrary SQL commands via the 'site' parameter in GET requests to the users_select.php endpoint, potentially leading to sensitive data extraction.

SuiteCRM 7.10.7 is vulnerable to time-based SQL injection in the record parameter of the Users module DetailView action, allowing authenticated attackers to manipulate database queries and potentially extract sensitive information.

A SQL injection vulnerability (CVE-2026-5575) exists in the Login component of SourceCodester/jkev Record Management System 1.0, allowing remote attackers to execute arbitrary SQL commands by manipulating the Username parameter in index.php.

A remote SQL Injection vulnerability exists in code-projects Simple Laundry System 1.0 within the /delmemberinfo.php file's userid parameter, potentially allowing attackers to execute arbitrary SQL commands.

A remote attacker can exploit CVE-2026-5554 in code-projects Concert Ticket Reservation System 1.0 to perform SQL injection by manipulating the searching argument in the process_search.php file.

A SQL injection vulnerability (CVE-2026-5551) exists in itsourcecode Free Hotel Reservation System 1.0, specifically affecting the `email` parameter within the `/hotel/admin/login.php` file, allowing remote attackers to execute arbitrary SQL queries.

CVE-2026-27885 is a SQL Injection vulnerability in Piwigo before version 16.3.0, affecting the Activity List API endpoint, allowing an authenticated administrator to extract sensitive data.

A SQL Injection vulnerability (CVE-2026-27834) exists in Piwigo versions prior to 16.3.0, allowing authenticated administrators to execute arbitrary SQL commands via the pwg.users.getList Web Service API method.

A SQL injection vulnerability exists in itsourcecode Online Enrollment System 1.0 within the Parameter Handler component at /enrollment/index.php, where manipulating the deptid argument can lead to remote code execution, with public exploits available.

CVE-2026-33616 describes an unauthenticated blind SQL Injection vulnerability affecting an mb24api endpoint, which a remote attacker can exploit by injecting special elements into a SQL SELECT command, potentially leading to a total loss of confidentiality due to improper neutralization of special elements.

An unauthenticated remote attacker can exploit a SQL Injection vulnerability (CVE-2026-33615) in the setinfo endpoint by injecting malicious code into a SQL UPDATE command, leading to a total loss of integrity and availability.

An unauthenticated SQL Injection vulnerability (CVE-2026-33614) in the getinfo endpoint allows a remote attacker to execute arbitrary SQL commands due to improper neutralization of special elements, potentially leading to a total loss of confidentiality.

A SQL injection vulnerability exists in the MCP Handler component of AlejandroArciniegas mcp-data-vis, specifically in the Request function of src/servers/database/server.js, allowing remote attackers to execute arbitrary SQL commands.

pandas-ai v3.0.0 is vulnerable to SQL injection via the pandasai.agent.base._execute_sql_query component, potentially allowing unauthorized database access and modification.

A remote, authenticated attacker can exploit multiple vulnerabilities in Django to perform SQL injections, disclose confidential information, or cause a denial-of-service condition.

itsourcecode Payroll Management System 1.0 is vulnerable to SQL injection via the ID parameter in /view_employee.php, allowing remote attackers to execute arbitrary SQL commands.

A SQL injection vulnerability (CVE-2026-5237) exists in itsourcecode Payroll Management System 1.0, allowing remote attackers to execute arbitrary SQL commands by manipulating the ID parameter in the /manage_user.php file.

CVE-2026-5198 is a SQL injection vulnerability in the Admin Login component of code-projects Student Membership System 1.0, affecting the /admin/index.php file, enabling remote exploitation through manipulation of username/password parameters.

A remote SQL injection vulnerability exists in the User Registration Handler component of code-projects Student Membership System 1.0, exploitable through manipulation of input.

A SQL Injection vulnerability (CVE-2026-5180) exists in SourceCodester Simple Doctors Appointment System 1.0, allowing remote attackers to execute arbitrary SQL commands by manipulating the 'email' parameter in the /admin/ajax.php?action=login2 endpoint.

A SQL injection vulnerability (CVE-2026-5179) exists in SourceCodester Simple Doctors Appointment System 1.0, allowing remote attackers to execute arbitrary SQL commands by manipulating the Username argument in the /admin/login.php file, with a public exploit available.

A SQL injection vulnerability exists in SciTokens versions before 1.9.6, allowing attackers to execute arbitrary SQL commands via the KeyCache class by manipulating user-supplied data used in SQL query construction.

A remote SQL injection vulnerability (CVE-2026-5150) exists in code-projects Accounting System 1.0 via manipulation of the 'cos_id' argument in /viewin_costumer.php, potentially allowing attackers to execute arbitrary SQL commands.

A remote SQL injection vulnerability (CVE-2026-5147) exists in YunaiV yudao-cloud up to version 2026.01 via the Website argument in the /admin-api/system/tenant/get-by-website endpoint, allowing unauthenticated attackers to potentially execute arbitrary SQL queries.

Multiple vulnerabilities in Fleet allow an attacker to perform SQL injection, denial of service, bypass security measures, disclose information, and execute arbitrary program code with administrator privileges.

Multiple vulnerabilities in Dovecot can be exploited by an attacker to perform SQL injection attacks, bypass authentication, disclose sensitive information, or cause a denial-of-service condition.

A SQL injection vulnerability exists in code-projects Simple Food Order System 1.0 within the register-router.php file, where manipulation of the Name argument can lead to remote code execution.

CVE-2026-5017 is a SQL injection vulnerability in code-projects Simple Food Order System 1.0, allowing remote attackers to execute arbitrary SQL commands by manipulating the 'Status' parameter in the `/all-tickets.php` file.

A SQL injection vulnerability exists in Sinaptik AI PandasAI up to version 0.1.4 within the pandasai-lancedb Extension, allowing remote exploitation through manipulation of multiple functions in the lancedb.py file.

WeGIA web manager prior to version 3.6.7 is vulnerable to SQL injection via the `id_tag` parameter in the `deletar_tag.php` script due to unsanitized input and direct concatenation into SQL queries, potentially allowing attackers to read, modify, or delete data.

A SQL injection vulnerability (CVE-2026-4910) exists in Shenzhen Ruiming Technology Streamax Crocus bis 1.3.44 via the /RemoteFormat.do endpoint, allowing remote attackers to execute arbitrary SQL commands by manipulating the State argument.

A SQL injection vulnerability exists in the ListCourierMessages Admin API of Ory Kratos versions prior to 26.2.0 due to flaws in its pagination implementation, allowing attackers to craft malicious tokens if the pagination secret is known or the default secret is used.

A SQL injection vulnerability exists in Kysely versions prior to 0.28.14 due to insufficient backslash escaping in the `DefaultQueryCompiler.sanitizeStringLiteral()` function, potentially allowing attackers to inject arbitrary SQL when using the MySQL dialect, specifically affecting `CreateIndexBuilder.where()` and `CreateViewBuilder.as()` methods.

Kysely versions 0.28.12 and 0.28.13 are vulnerable to SQL injection due to insufficient escaping of backslashes in the `sanitizeStringLiteral` method, potentially leading to arbitrary SQL execution on MySQL servers.

CVE-2025-55262 is a SQL Injection vulnerability affecting HCL Aftermarket DPC, allowing an attacker to retrieve sensitive information from the database and potentially gain unauthorized access.

Online Quiz Maker 1.0 is vulnerable to SQL injection via the catid and usern parameters, allowing authenticated attackers to execute arbitrary SQL commands by submitting malicious POST requests to quiz-system.php or add-category.php.

ASP.NET jVideo Kit 1.0 is vulnerable to SQL injection via the 'query' parameter in the search functionality, allowing unauthenticated attackers to inject malicious SQL payloads to extract sensitive database information.

School Management System CMS 1.0 is vulnerable to SQL injection in the admin login functionality, allowing attackers to bypass authentication by injecting SQL code through the username parameter.

CVE-2026-4844 describes a SQL injection vulnerability in the Admin Login Module of code-projects Online Food Ordering System 1.0, which can be exploited remotely by manipulating the Username argument in the /admin.php file.

OpenCart Core 4.0.2.3 is vulnerable to SQL injection via the 'search' parameter, enabling unauthenticated attackers to manipulate database queries and extract sensitive information through boolean-based or time-based blind SQL injection.

A SQL injection vulnerability exists in SourceCodester Online Catering Reservation 1.0's `/search.php` file, allowing remote attackers to execute arbitrary SQL commands by manipulating the `rcode` argument.

A SQL injection vulnerability (CVE-2026-4612) exists in itsourcecode Free Hotel Reservation System 1.0 within the Parameter Handler component, allowing remote attackers to execute arbitrary SQL commands via the account_id parameter in the /hotel/admin/mod_users/index.php script.

eNdonesia Portal v8.7 is vulnerable to SQL injection allowing unauthenticated attackers to execute arbitrary SQL queries via the bid parameter in banners.php, potentially leading to sensitive data extraction.

Bootstrapy CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through POST parameters to extract sensitive database information or cause denial of service.

Inout Article Base CMS is vulnerable to SQL injection, allowing unauthenticated attackers to manipulate database queries through the 'p' and 'u' parameters via XOR-based payloads in GET requests to portalLogin.php, potentially leading to sensitive information extraction or denial-of-service.

Zeeways Matrimony CMS is vulnerable to SQL injection via the profile_list endpoint, where an unauthenticated attacker can inject SQL code via the up_cast, s_mother, and s_religion parameters, potentially allowing them to extract sensitive information.

Zeeways Jobsite CMS is vulnerable to SQL injection, allowing unauthenticated attackers to inject SQL code through the 'id' GET parameter in crafted requests to news_details.php, jobs_details.php, or job_cmp_details.php to extract sensitive database information.

Meeplace Business Review Script is vulnerable to SQL injection via the 'id' parameter in the addclick.php endpoint, allowing unauthenticated attackers to execute arbitrary SQL queries and potentially extract sensitive database information or cause a denial of service.

The WP Job Portal plugin for WordPress is vulnerable to SQL Injection via the 'radius' parameter, allowing unauthenticated attackers to extract sensitive database information in versions up to 2.4.8.

A remote SQL injection vulnerability (CVE-2026-4624) exists in SourceCodester Online Library Management System 1.0 by manipulating the 'searchField' parameter in the /home.php file, potentially allowing attackers to execute arbitrary SQL commands.

An anonymous, remote attacker can exploit a vulnerability in the PostgreSQL JDBC Driver to perform SQL injection attacks.

CVE-2026-4632 is a SQL Injection vulnerability in itsourcecode Online Enrollment System 1.0, specifically affecting the Parameter Handler component at '/sms/user/index.php?view=add', allowing a remote attacker to inject malicious SQL code by manipulating the 'Name' argument, with a public exploit available.

A SQL injection vulnerability in SourceCodester Online Admission System 1.0 allows remote attackers to execute arbitrary SQL commands by manipulating the 'program' argument in the /programmes.php file.

A remote SQL injection vulnerability (CVE-2026-4613) exists in SourceCodester E-Commerce Site 1.0 within the /products.php file due to improper input sanitization of the 'Search' argument, potentially allowing attackers to read or modify sensitive database information.

A SQL injection vulnerability (CVE-2026-4594) exists in erupts erupt up to version 1.13.3, allowing remote attackers to execute arbitrary SQL commands by manipulating the sort.field argument in the geneEruptHqlOrderBy function.

Multiple critical vulnerabilities in n8n versions prior to 2.10.1, 2.9.3, and 1.123.22 enable authenticated users to execute arbitrary code and system commands, potentially leading to full system compromise.

A SQL injection vulnerability exists in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0 when manipulating the 'fCircuitids' argument in the '/SubstationWEBV2/main/elecMaxMinAvgValue' file, potentially allowing for remote code execution or data exfiltration.

A SQL injection vulnerability exists in nocobase plugin-collection-sql versions 2.0.32 and earlier due to missing validation on the sqlCollection:update endpoint, allowing attackers with collection management permissions to execute arbitrary SQL queries and exfiltrate data.

A SQL injection vulnerability (CVE-2026-7060) exists in liyupi yu-picture versions up to a053632c41340152bf75b66b3c543d129123d8ec, allowing a remote attacker to execute arbitrary SQL commands by manipulating the sortField argument in the PageRequest function of PictureServiceImpl.java.

A remote SQL injection vulnerability (CVE-2026-7555) exists in itsourcecode Electronic Judging System 1.0 via manipulation of the Username argument in the /intrams/login.php file, potentially leading to unauthorized data access and modification.

An unauthenticated SQL injection vulnerability in CKAN's `datastore_search_sql` function allows attackers to access private resources and PostgreSQL system information, affecting versions prior to 2.10.10 and versions 2.11.0 through 2.11.4.

A time-based blind SQL Injection vulnerability exists in the ARMember WordPress plugin (<= 4.0.60) due to insufficient input sanitization of the 'orderby' parameter, allowing unauthenticated attackers to extract sensitive database information.

A SQL injection vulnerability exists in Appsmith's FilterDataServiceCE.java in versions 1.98 and earlier where the dropTable method constructs a SQL DROP TABLE statement using string concatenation with the table name, allowing arbitrary SQL command execution, leading to potential data loss, exfiltration, or modification.