Tag
AgenticMail API and Core Packages Vulnerabilities
2 rulesMultiple vulnerabilities, including SQL injection and SMTP header injection, have been discovered in AgenticMail API and Core packages, addressed in versions greater than 0.9.31 and 0.9.9 respectively, posing a risk of unauthorized access and control.
Twitter-Clone 1 SQL Injection Vulnerability (CVE-2018-25362)
2 rules 1 TTP 1 CVETwitter-Clone 1 is vulnerable to SQL injection via the userid parameter in follow.php, allowing attackers to manipulate database queries and extract sensitive information such as usernames, passwords, and database credentials.
Multiple Vulnerabilities in TYPO3 Extensions
2 rules 1 TTPMultiple vulnerabilities in TYPO3 extensions allow an attacker to execute arbitrary program code, conduct SQL injection attacks, disclose information, and circumvent security measures.
Multiple Vulnerabilities in PostgreSQL Allow for Remote Code Execution, Denial of Service, and Information Disclosure
2 rules 3 TTPsMultiple vulnerabilities in PostgreSQL could be exploited by an attacker to execute arbitrary code, conduct a denial of service attack, disclose information, manipulate files, conduct a SQL injection attack, and bypass security measures.
Multiple Vulnerabilities in Nextcloud
2 rules 3 TTPsMultiple vulnerabilities exist in Nextcloud, allowing an attacker to bypass security measures, disclose information, and conduct SQL injection attacks.
ChurchCRM Time-Based Blind SQL Injection Vulnerability (CVE-2026-34402)
2 rules 1 TTP 1 CVECVE-2026-34402 is a time-based blind SQL injection vulnerability in ChurchCRM versions prior to 7.1.0. Authenticated users with Edit Records or Manage Groups permissions can exploit the PropertyAssign.php endpoint to exfiltrate or modify database content, including user credentials, PII, and configuration secrets.
SQL Injection Vulnerability in Easy Blog Site 1.0
2 rules 1 TTP 1 CVEA SQL injection vulnerability exists in code-projects Easy Blog Site 1.0 within the login.php file, exploitable remotely by manipulating the username/password parameters, potentially leading to unauthorized database access.