SQLi
Monthly
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting improper SQL query validation. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the option parameter. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the poll parameter. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the gallery_id parameter. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an authentication bypass vulnerability in the login.php administration panel that allows unauthenticated attackers to gain administrative access by submitting crafted SQL syntax. [CVSS 7.5 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the videoid parameter. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V2 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting improper SQL query validation. [CVSS 8.2 HIGH]
XooDigital Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET requests to results.php with malicious 'p' values to extract sensitive database information. [CVSS 8.2 HIGH]
Jettweb Php Hazir Ilan Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'kat' parameter. [CVSS 8.2 HIGH]
Jettweb Hazir Rent A Car Scripti V4 contains multiple SQL injection vulnerabilities in the admin panel that allow unauthenticated attackers to manipulate database queries through GET parameters. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Rent A Car Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the arac_kategori_id parameter. [CVSS 8.2 HIGH]
iScripts ReserveLogic contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jqSearchDestination parameter. [CVSS 8.2 HIGH]
Inout RealEstate contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the city parameter. [CVSS 8.2 HIGH]
Clinic Pro contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the month parameter. [CVSS 7.1 HIGH]
SQL injection in the registration module of itsourcecode Cafe Reservation System 1.0 allows unauthenticated remote attackers to manipulate the Username parameter and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, which provides attackers with potential access to sensitive data and database manipulation capabilities. No patch is currently available.
SQL injection in itsourcecode Online Doctor Appointment System 1.0 allows unauthenticated remote attackers to manipulate the ID parameter in /admin/doctor_action.php, potentially gaining unauthorized access to sensitive data and modifying database records. Public exploit code exists for this vulnerability, and no patch is currently available.
SQL injection in the Online Doctor Appointment System 1.0 admin panel allows unauthenticated remote attackers to manipulate the patient_id parameter and execute arbitrary database queries. The vulnerability affects the /admin/patient_action.php file and enables attackers to compromise data confidentiality, integrity, and availability. Public exploit code exists for this vulnerability, and no patch is currently available.
Unauthenticated SQL injection in WordPress My Sticky Bar plugin versions up to 2.8.6 allows attackers to extract database contents through crafted AJAX requests that exploit unsanitized parameter names in SQL INSERT statements. The vulnerability enables blind time-based data exfiltration despite sanitization of parameter values, affecting all users of the vulnerable plugin. No patch is currently available.
FeMiner WMS versions up to 1.0 contain a SQL injection vulnerability in the department addition module that allows unauthenticated remote attackers to manipulate the Name parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires no user interaction and can compromise the confidentiality, integrity, and availability of the underlying database.
SQL injection in the weimai-wetapp HomeController endpoint allows remote attackers with high privileges to manipulate the cat parameter and execute arbitrary database queries, potentially leading to unauthorized data access or modification. Public exploit code is available for this vulnerability, and the development team has not yet responded to the early disclosure notification. A patch is not currently available.
SQL injection in the Admin_AdminUserController of weimai-wetapp allows remote attackers with high privileges to manipulate the keyword parameter and execute arbitrary SQL queries, potentially leading to unauthorized data access and modification. Public exploit code exists for this vulnerability, though no patch is currently available. The vulnerability affects Java-based deployments using affected versions of the weimai-wetapp project.
OpenEMR versions prior to 8.0.0.1 contain a SQL injection vulnerability in the ajax graphs library that allows authenticated users to execute arbitrary database queries, potentially leading to complete compromise of patient health records and system data. The vulnerability stems from insufficient input validation and requires valid credentials to exploit, but poses a critical risk given the sensitive nature of healthcare data stored in OpenEMR systems. No patch is currently available for affected versions.
### Impact An attacker with access to the master key can inject malicious SQL via crafted field names used in query constraints when Parse Server is configured with PostgreSQL as the database. The field name in a `$regex` query operator is passed to PostgreSQL using unparameterized string interpolation, allowing the attacker to manipulate the SQL query. While the master key controls what can be done through the Parse Server abstraction layer, this SQL injection bypasses Parse Server entirely and operates at the database level. This vulnerability only affects Parse Server deployments using PostgreSQL. ### Patches The fix applies proper SQL identifier escaping to field names in the query handler and hardens query field name validation to reject malicious field names for all query types. ### Workarounds There is no known workaround. ### References - GitHub security advisory: https://github.com/parse-community/parse-server/security/advisories/GHSA-c442-97qw-j6c6 - Fix Parse Server 9: https://github.com/parse-community/parse-server/releases/tag/9.6.0-alpha.10 - Fix Parse Server 8: https://github.com/parse-community/parse-server/releases/tag/8.6.36
SQL injection in WeGIA before 3.6.6.
WeGIA is a web manager for charitable institutions. versions up to 3.6.6 is affected by sql injection (CVSS 8.8).
SQL injection in Frappe framework before 15.84.0/14.99.0.
Varient 1.6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the user_id parameter. [CVSS 8.2 HIGH]
SQL injection in Parse Server before 9.6.0-alpha.5/8.6.31. Third Parse Server SQLi.
SQL injection in Craft CMS ElementSearchController allows authenticated control panel users to execute arbitrary SQL queries and extract complete database contents through the criteria[where] and criteria[orderBy] parameters. The vulnerability exists because a previous SQL injection fix applied to ElementIndexesController was never implemented in this endpoint. An attacker with any control panel user account can exploit this via boolean-based blind injection without requiring administrative privileges.
SQL injection in Parse Server before 9.6.0-alpha.5/8.6.31.
SQL injection in Parse Server before 9.6.0-alpha.2/8.6.28.
Unauthenticated attackers can exploit SQL injection in the JetBooking WordPress plugin through the check_in_date parameter to extract sensitive database information, affecting all versions up to 4.0.3. The vulnerability exists due to insufficient input escaping and unprepared SQL statements. No patch is currently available.
SQL injection in itsourcecode University Management System 1.0 via the Name parameter in /att_add.php enables unauthenticated remote attackers to read, modify, or delete database contents. Public exploit code exists for this vulnerability, and no patch is currently available.
Simply Schedule Appointments Booking Plugin versions up to 1.6.9.27. is affected by sql injection (CVSS 7.5).
An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute unauthorized code or commands.
SQL injection in the Koha library management system's staff interface allows authenticated users to manipulate the displayby parameter in suggestion.pl, enabling arbitrary SQL query execution against the backend database. Low-privileged staff members can exploit this vulnerability to extract sensitive data or modify database contents without additional privileges. No patch is currently available to remediate this high-severity vulnerability.
Unauthenticated attackers can exploit a time-based blind SQL injection in the WP Maps plugin for WordPress (versions up to 4.9.1) through the location_id parameter in the wpgmp_ajax_call AJAX handler to extract sensitive database information. The vulnerability stems from improper input validation that allows backtick-wrapped user input to bypass SQL escaping functions. No patch is currently available, leaving all affected WordPress installations at risk of data disclosure.
Unauthenticated attackers can extract sensitive database information from WordPress sites running the Ally plugin (versions up to 4.0.3) through SQL injection in the URL parameter handling of the Remediation module. The vulnerability exists because user input is insufficiently sanitized before being concatenated into SQL queries, allowing time-based blind SQL injection attacks despite URL escaping being applied. No patch is currently available.
Sylius eCommerce Framework versions prior to 1.9.12, 1.10.16, 1.11.17, 1.12.23, 1.13.15, 1.14.18, 2.0.16, 2.1.12, and 2.2.3 are vulnerable to DQL injection through the ProductPriceOrderFilter and TranslationOrderNameAndLocaleFilter API endpoints, which fail to validate user-supplied order direction parameters before passing them to Doctrine. An unauthenticated remote attacker can inject arbitrary DQL queries to read sensitive data from the application database. No patch is currently available for this medium-severity vulnerability.
SQL injection in Sequelize prior to version 6.37.8 allows unauthenticated attackers to execute arbitrary SQL queries and extract sensitive data by manipulating JSON object keys in WHERE clause operations. The vulnerability stems from improper sanitization of cast type parameters in the _traverseJSON() function, which directly interpolates user-controlled input into CAST SQL statements. Node.js applications using affected Sequelize versions are at risk of complete database compromise.
Craft Commerce versions prior to 5.5.3 contain an SQL injection vulnerability in the inventory levels endpoint where sort parameters are improperly sanitized, allowing authenticated users with Commerce Inventory access to execute arbitrary database queries. Public exploit code exists for this vulnerability, which could enable complete database compromise. Update to version 5.5.3 or later to resolve this high-severity issue.
SQL injection in Craft Commerce's purchasables endpoint allows authenticated attackers to manipulate the sort parameter and execute arbitrary SQL queries via the unvalidated ORDER BY clause. Versions prior to 4.10.2 and 5.5.3 are vulnerable, with public exploit code available. An attacker with valid credentials can extract sensitive database information or modify data without additional user interaction.
Gas station automation system BUK TS-G 2.9.1 has a SQL injection enabling compromise of fuel management and transaction data.
NoSQL injection in Parse Server's password reset and email verification endpoints allows unauthenticated attackers to extract authentication tokens by injecting MongoDB query operators through the unvalidated token parameter. Affected deployments running MongoDB with these features enabled are vulnerable to email verification bypass and password reset token theft. The vulnerability is fixed in versions 8.6.14 and 9.5.2-alpha.1.
SQL injection in Glances TimescaleDB export module allows local attackers to execute arbitrary SQL commands against the monitoring database. The vulnerability stems from unsafe string concatenation when constructing queries with system monitoring data (process names, mount points, network interfaces, container names). Proof-of-concept exploit code exists (CVSS E:P). EPSS score of 0.02% (4th percentile) indicates very low observed exploitation activity. Vendor-released patch available in version 4.5.1.
Authenticated users can exploit SQL injection vulnerabilities in SQL Server 2016-2025 to escalate privileges and gain unauthorized access across the network. This high-severity flaw (CVSS 8.8) affects multiple SQL Server versions with no available patch, allowing attackers with valid credentials to manipulate SQL commands and compromise system integrity. Organizations running these affected versions should implement network segmentation and monitor for suspicious database activity until a patch is released.
SQL Injection vulnerability in LimeSurvey before v.6.15.4+250710 allows a remote attacker to obtain sensitive information from the database. [CVSS 7.5 HIGH]
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer-BigData 7.6.0, FortiAnalyzer-BigData 7.4.0 through 7.4.4, FortiAnalyzer-BigData 7.2 all versions, FortiAnalyzer-BigData 7.0 all versions, FortiAnalyzer-BigData 6.4 all versions, FortiAnalyzer-BigData 6.2 all versions may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted requests. [CVSS 6.0 MEDIUM]
SQL injection in SAP NetWeaver Feedback Notifications Service enables authenticated attackers to execute arbitrary database queries by exploiting insufficient input validation. An attacker can manipulate SQL WHERE clauses to access or exfiltrate sensitive database information, with limited impact on system confidentiality and availability. No patch is currently available for this vulnerability.
SQL injection in Tiandy Easy7 CMS 7.17.0 allows unauthenticated remote attackers to manipulate the strTBName parameter in GetDBData.jsp, potentially accessing or modifying sensitive database information. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification.
SQL injection in Eventobot event management application allows unauthenticated attackers to perform complete database operations including data retrieval, creation, update, and deletion.
SourceCodester Resort Reservation System 1.0 contains SQL injection in the /room_rates.php endpoint via the q parameter, allowing authenticated remote attackers to execute arbitrary database queries and potentially access or modify sensitive data. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but can be performed over the network with minimal complexity.
SQL injection in SourceCodester Sales and Inventory System 1.0 via the sellid GET parameter in sales_invoice1.php allows authenticated attackers to execute arbitrary SQL queries remotely. Public exploit code exists for this vulnerability, and no patch is currently available. Affected systems can suffer data exposure, modification, or loss depending on database permissions.
SQL injection in SourceCodester Sales and Inventory System 1.0 allows authenticated remote attackers to manipulate the purchaseid parameter in purchase_invoice.php, enabling unauthorized data access and modification. Public exploit code exists for this vulnerability, and no patch is currently available, leaving deployed instances at risk.
SQL injection in SourceCodester Sales and Inventory System 1.0 allows authenticated attackers to execute arbitrary SQL queries through the searchtxt parameter in dashboard.php. Public exploit code exists for this vulnerability, enabling remote exploitation by users with login credentials to read, modify, or delete database contents. No patch is currently available.
Sales And Inventory System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 6.3).
SQL injection in EasyCMS up to version 1.6 via the _order parameter in the Request Parameter Handler allows authenticated remote attackers to execute arbitrary SQL queries with medium impact on confidentiality, integrity, and availability. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification.
SQL injection in EasyCMS versions up to 1.6 via the _order parameter in the Request Parameter Handler allows remote attackers with valid credentials to execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early disclosure notification. The attack requires low complexity and can result in unauthorized data access, modification, and potential service disruption.
SQL injection in SourceCodester Resort Reservation System 1.0 via the q parameter in /accommodation.php allows remote authenticated attackers to manipulate database queries. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials could extract or modify sensitive reservation and user data.
College Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 6.3).
SQL injection in itsourcecode University Management System 1.0 via the dt parameter in /att_single_view.php enables remote attackers to execute arbitrary SQL queries without authentication. Public exploit code exists for this vulnerability, and no patch is currently available. The attack affects data confidentiality, integrity, and availability with a CVSS score of 7.3.
SQL injection in itsourcecode University Management System 1.0 via the seme parameter in /view_result.php allows unauthenticated remote attackers to manipulate database queries and potentially access or modify sensitive data. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected installations at immediate risk.
SQL injection in projectworlds Online Art Gallery Shop 1.0 via the reach_nm parameter in /admin/adminHome.php allows unauthenticated remote attackers to manipulate database queries and potentially extract sensitive data or modify database contents. Public exploit code exists for this vulnerability, increasing exploitation risk. No patch is currently available for affected installations.
SQL injection in projectworlds Online Art Gallery Shop 1.0 allows unauthenticated remote attackers to manipulate the Info parameter in /admin/adminHome.php, potentially enabling unauthorized database access and data theft. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. No patch is currently available, requiring organizations to implement compensating controls or upgrade to a patched version when released.
SQL injection in projectworlds Online Art Gallery Shop 1.0 allows unauthenticated remote attackers to manipulate the fnm parameter via the /?pass=1 endpoint, potentially enabling unauthorized database access and modification. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected installations at immediate risk.
SQL injection in SourceCodester Sales and Inventory System up to version 1.0 allows authenticated remote attackers to manipulate the stock_name1 parameter in /check_item_details.php and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but could enable data disclosure, modification, or deletion within the affected system.
Sales And Inventory System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 6.3).
SQL injection in SourceCodester Sales and Inventory System 1.0 via the cost parameter in /add_stock.php enables authenticated attackers to manipulate database queries remotely. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but can result in unauthorized data access and modification.
SQL injection in SourceCodester Sales and Inventory System versions up to 1.0 via the sid parameter in /add_sales_print.php allows authenticated attackers to execute arbitrary SQL queries remotely. Public exploit code exists for this vulnerability, and no patch is currently available. Attackers can leverage this to access, modify, or delete sensitive inventory and sales data.
SourceCodester Employee Task Management System through version 1.0 contains a SQL injection vulnerability in the /daily-task-report.php GET parameter handler that allows remote attackers with high privileges to extract or manipulate database contents. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires network access but no user interaction, potentially compromising sensitive employee task data and system integrity.
SQL injection in SourceCodester Employee Task Management System 1.0 allows remote attackers to manipulate the Date parameter in /daily-attendance-report.php, enabling unauthorized database access and modification. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires high-level privileges but can be executed over the network with minimal complexity.
SQL injection in itsourcecode University Management System 1.0 via the subject parameter in /add_result.php enables remote attackers to execute arbitrary database queries without authentication. Public exploit code exists for this vulnerability, and no patch is currently available. Affected installations face potential data exfiltration, modification, or deletion through unauthenticated network-based attacks.
SQL injection in SourceCodester Simple Responsive Tourism Website 1.0 via the Username parameter in the Login.php component enables unauthenticated remote attackers to manipulate database queries and potentially extract sensitive data or modify application state. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected systems exposed to active exploitation.
SQL injection in Student Web Portal 1.0's profile.php allows authenticated attackers to execute arbitrary SQL queries through improper input validation on the User parameter, potentially leading to unauthorized data access or modification. Public exploit code exists for this vulnerability, and no patch is currently available.
SQL injection in Student Web Portal 1.0's signup.php password validation function allows unauthenticated remote attackers to manipulate database queries through the reg_passwd parameter. Public exploit code exists for this vulnerability, and no patch is currently available. Successful exploitation could enable unauthorized data access, modification, or deletion.
SQL injection in itsourcecode University Management System 1.0 allows remote attackers to manipulate the admin_search_student parameter in /admin_search_student.php without authentication, potentially leading to unauthorized data access, modification, or deletion. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. No patch is currently available.
SQL injection in Simple Flight Ticket Booking System 1.0's SearchResultRoundtrip.php parameter handling enables unauthenticated remote attackers to manipulate database queries and potentially extract, modify, or delete sensitive data. Public exploit code exists for this vulnerability, increasing exploitation risk. No patch is currently available.
SQL injection in Simple Flight Ticket Booking System 1.0 allows unauthenticated remote attackers to manipulate the SearchResultOneway.php input parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires no user interaction and can be executed over the network, enabling attackers to read, modify, or delete sensitive flight booking data.
SQL injection in Free Hotel Reservation System 1.0 allows remote attackers to manipulate the amen_id and rmtype_id parameters in the amenities management interface, enabling unauthorized database access and potential data modification. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects PHP-based installations and requires no authentication or user interaction to exploit.
SQL injection in Simple Flight Ticket Booking System 1.0's /Admindelete.php endpoint allows unauthenticated remote attackers to manipulate the flightno parameter and execute arbitrary database queries, potentially leading to data theft or modification. Public exploit code is available for this vulnerability, and no patch has been released as of now.
SQL injection in Simple Flight Ticket Booking System 1.0's admin update function allows remote attackers with high privileges to manipulate flight parameters and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires administrative credentials but could enable data exfiltration or modification of flight booking records.
SQL injection in Simple Flight Ticket Booking System 1.0's /Adminadd.php allows remote attackers with high privileges to manipulate flight parameters and execute arbitrary SQL queries, potentially compromising flight booking data. Public exploit code exists for this vulnerability, though patches are not yet available. The attack requires administrative credentials but can be exploited over the network without user interaction.
Simple Flight Ticket Booking System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 7.3).
SQL injection in Simple Flight Ticket Booking System 1.0's login functionality allows unauthenticated attackers to manipulate the Username parameter and execute arbitrary database queries remotely. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. PHP installations running the affected application should be isolated until a security patch becomes available.
SQL injection in Simple Flight Ticket Booking System 1.0 via the flightno parameter in /Adminsearch.php allows unauthenticated remote attackers to query or modify database contents. Public exploit code exists for this vulnerability, and no patch is currently available. Affected users should immediately restrict access to the admin search functionality or upgrade if a patched version becomes available.
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting improper SQL query validation. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the option parameter. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the poll parameter. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the gallery_id parameter. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an authentication bypass vulnerability in the login.php administration panel that allows unauthenticated attackers to gain administrative access by submitting crafted SQL syntax. [CVSS 7.5 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the videoid parameter. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Haber Sitesi Scripti V2 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting improper SQL query validation. [CVSS 8.2 HIGH]
XooDigital Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET requests to results.php with malicious 'p' values to extract sensitive database information. [CVSS 8.2 HIGH]
Jettweb Php Hazir Ilan Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'kat' parameter. [CVSS 8.2 HIGH]
Jettweb Hazir Rent A Car Scripti V4 contains multiple SQL injection vulnerabilities in the admin panel that allow unauthenticated attackers to manipulate database queries through GET parameters. [CVSS 8.2 HIGH]
Jettweb PHP Hazir Rent A Car Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the arac_kategori_id parameter. [CVSS 8.2 HIGH]
iScripts ReserveLogic contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jqSearchDestination parameter. [CVSS 8.2 HIGH]
Inout RealEstate contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the city parameter. [CVSS 8.2 HIGH]
Clinic Pro contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the month parameter. [CVSS 7.1 HIGH]
SQL injection in the registration module of itsourcecode Cafe Reservation System 1.0 allows unauthenticated remote attackers to manipulate the Username parameter and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, which provides attackers with potential access to sensitive data and database manipulation capabilities. No patch is currently available.
SQL injection in itsourcecode Online Doctor Appointment System 1.0 allows unauthenticated remote attackers to manipulate the ID parameter in /admin/doctor_action.php, potentially gaining unauthorized access to sensitive data and modifying database records. Public exploit code exists for this vulnerability, and no patch is currently available.
SQL injection in the Online Doctor Appointment System 1.0 admin panel allows unauthenticated remote attackers to manipulate the patient_id parameter and execute arbitrary database queries. The vulnerability affects the /admin/patient_action.php file and enables attackers to compromise data confidentiality, integrity, and availability. Public exploit code exists for this vulnerability, and no patch is currently available.
Unauthenticated SQL injection in WordPress My Sticky Bar plugin versions up to 2.8.6 allows attackers to extract database contents through crafted AJAX requests that exploit unsanitized parameter names in SQL INSERT statements. The vulnerability enables blind time-based data exfiltration despite sanitization of parameter values, affecting all users of the vulnerable plugin. No patch is currently available.
FeMiner WMS versions up to 1.0 contain a SQL injection vulnerability in the department addition module that allows unauthenticated remote attackers to manipulate the Name parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires no user interaction and can compromise the confidentiality, integrity, and availability of the underlying database.
SQL injection in the weimai-wetapp HomeController endpoint allows remote attackers with high privileges to manipulate the cat parameter and execute arbitrary database queries, potentially leading to unauthorized data access or modification. Public exploit code is available for this vulnerability, and the development team has not yet responded to the early disclosure notification. A patch is not currently available.
SQL injection in the Admin_AdminUserController of weimai-wetapp allows remote attackers with high privileges to manipulate the keyword parameter and execute arbitrary SQL queries, potentially leading to unauthorized data access and modification. Public exploit code exists for this vulnerability, though no patch is currently available. The vulnerability affects Java-based deployments using affected versions of the weimai-wetapp project.
OpenEMR versions prior to 8.0.0.1 contain a SQL injection vulnerability in the ajax graphs library that allows authenticated users to execute arbitrary database queries, potentially leading to complete compromise of patient health records and system data. The vulnerability stems from insufficient input validation and requires valid credentials to exploit, but poses a critical risk given the sensitive nature of healthcare data stored in OpenEMR systems. No patch is currently available for affected versions.
SQL injection in generatedata 4.0.14.
### Impact An attacker with access to the master key can inject malicious SQL via crafted field names used in query constraints when Parse Server is configured with PostgreSQL as the database. The field name in a `$regex` query operator is passed to PostgreSQL using unparameterized string interpolation, allowing the attacker to manipulate the SQL query. While the master key controls what can be done through the Parse Server abstraction layer, this SQL injection bypasses Parse Server entirely and operates at the database level. This vulnerability only affects Parse Server deployments using PostgreSQL. ### Patches The fix applies proper SQL identifier escaping to field names in the query handler and hardens query field name validation to reject malicious field names for all query types. ### Workarounds There is no known workaround. ### References - GitHub security advisory: https://github.com/parse-community/parse-server/security/advisories/GHSA-c442-97qw-j6c6 - Fix Parse Server 9: https://github.com/parse-community/parse-server/releases/tag/9.6.0-alpha.10 - Fix Parse Server 8: https://github.com/parse-community/parse-server/releases/tag/8.6.36
SQL injection in WeGIA before 3.6.6.
WeGIA is a web manager for charitable institutions. versions up to 3.6.6 is affected by sql injection (CVSS 8.8).
SQL injection in Frappe framework before 15.84.0/14.99.0.
Varient 1.6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the user_id parameter. [CVSS 8.2 HIGH]
SQL injection in Parse Server before 9.6.0-alpha.5/8.6.31. Third Parse Server SQLi.
SQL injection in Craft CMS ElementSearchController allows authenticated control panel users to execute arbitrary SQL queries and extract complete database contents through the criteria[where] and criteria[orderBy] parameters. The vulnerability exists because a previous SQL injection fix applied to ElementIndexesController was never implemented in this endpoint. An attacker with any control panel user account can exploit this via boolean-based blind injection without requiring administrative privileges.
SQL injection in Parse Server before 9.6.0-alpha.5/8.6.31.
SQL injection in Parse Server before 9.6.0-alpha.2/8.6.28.
Unauthenticated attackers can exploit SQL injection in the JetBooking WordPress plugin through the check_in_date parameter to extract sensitive database information, affecting all versions up to 4.0.3. The vulnerability exists due to insufficient input escaping and unprepared SQL statements. No patch is currently available.
SQL injection in itsourcecode University Management System 1.0 via the Name parameter in /att_add.php enables unauthenticated remote attackers to read, modify, or delete database contents. Public exploit code exists for this vulnerability, and no patch is currently available.
Simply Schedule Appointments Booking Plugin versions up to 1.6.9.27. is affected by sql injection (CVSS 7.5).
An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute unauthorized code or commands.
SQL injection in the Koha library management system's staff interface allows authenticated users to manipulate the displayby parameter in suggestion.pl, enabling arbitrary SQL query execution against the backend database. Low-privileged staff members can exploit this vulnerability to extract sensitive data or modify database contents without additional privileges. No patch is currently available to remediate this high-severity vulnerability.
Unauthenticated attackers can exploit a time-based blind SQL injection in the WP Maps plugin for WordPress (versions up to 4.9.1) through the location_id parameter in the wpgmp_ajax_call AJAX handler to extract sensitive database information. The vulnerability stems from improper input validation that allows backtick-wrapped user input to bypass SQL escaping functions. No patch is currently available, leaving all affected WordPress installations at risk of data disclosure.
Unauthenticated attackers can extract sensitive database information from WordPress sites running the Ally plugin (versions up to 4.0.3) through SQL injection in the URL parameter handling of the Remediation module. The vulnerability exists because user input is insufficiently sanitized before being concatenated into SQL queries, allowing time-based blind SQL injection attacks despite URL escaping being applied. No patch is currently available.
Sylius eCommerce Framework versions prior to 1.9.12, 1.10.16, 1.11.17, 1.12.23, 1.13.15, 1.14.18, 2.0.16, 2.1.12, and 2.2.3 are vulnerable to DQL injection through the ProductPriceOrderFilter and TranslationOrderNameAndLocaleFilter API endpoints, which fail to validate user-supplied order direction parameters before passing them to Doctrine. An unauthenticated remote attacker can inject arbitrary DQL queries to read sensitive data from the application database. No patch is currently available for this medium-severity vulnerability.
SQL injection in Sequelize prior to version 6.37.8 allows unauthenticated attackers to execute arbitrary SQL queries and extract sensitive data by manipulating JSON object keys in WHERE clause operations. The vulnerability stems from improper sanitization of cast type parameters in the _traverseJSON() function, which directly interpolates user-controlled input into CAST SQL statements. Node.js applications using affected Sequelize versions are at risk of complete database compromise.
Craft Commerce versions prior to 5.5.3 contain an SQL injection vulnerability in the inventory levels endpoint where sort parameters are improperly sanitized, allowing authenticated users with Commerce Inventory access to execute arbitrary database queries. Public exploit code exists for this vulnerability, which could enable complete database compromise. Update to version 5.5.3 or later to resolve this high-severity issue.
SQL injection in Craft Commerce's purchasables endpoint allows authenticated attackers to manipulate the sort parameter and execute arbitrary SQL queries via the unvalidated ORDER BY clause. Versions prior to 4.10.2 and 5.5.3 are vulnerable, with public exploit code available. An attacker with valid credentials can extract sensitive database information or modify data without additional user interaction.
Gas station automation system BUK TS-G 2.9.1 has a SQL injection enabling compromise of fuel management and transaction data.
NoSQL injection in Parse Server's password reset and email verification endpoints allows unauthenticated attackers to extract authentication tokens by injecting MongoDB query operators through the unvalidated token parameter. Affected deployments running MongoDB with these features enabled are vulnerable to email verification bypass and password reset token theft. The vulnerability is fixed in versions 8.6.14 and 9.5.2-alpha.1.
SQL injection in Glances TimescaleDB export module allows local attackers to execute arbitrary SQL commands against the monitoring database. The vulnerability stems from unsafe string concatenation when constructing queries with system monitoring data (process names, mount points, network interfaces, container names). Proof-of-concept exploit code exists (CVSS E:P). EPSS score of 0.02% (4th percentile) indicates very low observed exploitation activity. Vendor-released patch available in version 4.5.1.
Authenticated users can exploit SQL injection vulnerabilities in SQL Server 2016-2025 to escalate privileges and gain unauthorized access across the network. This high-severity flaw (CVSS 8.8) affects multiple SQL Server versions with no available patch, allowing attackers with valid credentials to manipulate SQL commands and compromise system integrity. Organizations running these affected versions should implement network segmentation and monitor for suspicious database activity until a patch is released.
SQL Injection vulnerability in LimeSurvey before v.6.15.4+250710 allows a remote attacker to obtain sensitive information from the database. [CVSS 7.5 HIGH]
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer-BigData 7.6.0, FortiAnalyzer-BigData 7.4.0 through 7.4.4, FortiAnalyzer-BigData 7.2 all versions, FortiAnalyzer-BigData 7.0 all versions, FortiAnalyzer-BigData 6.4 all versions, FortiAnalyzer-BigData 6.2 all versions may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted requests. [CVSS 6.0 MEDIUM]
SQL injection in SAP NetWeaver Feedback Notifications Service enables authenticated attackers to execute arbitrary database queries by exploiting insufficient input validation. An attacker can manipulate SQL WHERE clauses to access or exfiltrate sensitive database information, with limited impact on system confidentiality and availability. No patch is currently available for this vulnerability.
SQL injection in Tiandy Easy7 CMS 7.17.0 allows unauthenticated remote attackers to manipulate the strTBName parameter in GetDBData.jsp, potentially accessing or modifying sensitive database information. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification.
SQL injection in Eventobot event management application allows unauthenticated attackers to perform complete database operations including data retrieval, creation, update, and deletion.
SourceCodester Resort Reservation System 1.0 contains SQL injection in the /room_rates.php endpoint via the q parameter, allowing authenticated remote attackers to execute arbitrary database queries and potentially access or modify sensitive data. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but can be performed over the network with minimal complexity.
SQL injection in SourceCodester Sales and Inventory System 1.0 via the sellid GET parameter in sales_invoice1.php allows authenticated attackers to execute arbitrary SQL queries remotely. Public exploit code exists for this vulnerability, and no patch is currently available. Affected systems can suffer data exposure, modification, or loss depending on database permissions.
SQL injection in SourceCodester Sales and Inventory System 1.0 allows authenticated remote attackers to manipulate the purchaseid parameter in purchase_invoice.php, enabling unauthorized data access and modification. Public exploit code exists for this vulnerability, and no patch is currently available, leaving deployed instances at risk.
SQL injection in SourceCodester Sales and Inventory System 1.0 allows authenticated attackers to execute arbitrary SQL queries through the searchtxt parameter in dashboard.php. Public exploit code exists for this vulnerability, enabling remote exploitation by users with login credentials to read, modify, or delete database contents. No patch is currently available.
Sales And Inventory System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 6.3).
SQL injection in EasyCMS up to version 1.6 via the _order parameter in the Request Parameter Handler allows authenticated remote attackers to execute arbitrary SQL queries with medium impact on confidentiality, integrity, and availability. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification.
SQL injection in EasyCMS versions up to 1.6 via the _order parameter in the Request Parameter Handler allows remote attackers with valid credentials to execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early disclosure notification. The attack requires low complexity and can result in unauthorized data access, modification, and potential service disruption.
SQL injection in SourceCodester Resort Reservation System 1.0 via the q parameter in /accommodation.php allows remote authenticated attackers to manipulate database queries. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials could extract or modify sensitive reservation and user data.
College Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 6.3).
SQL injection in itsourcecode University Management System 1.0 via the dt parameter in /att_single_view.php enables remote attackers to execute arbitrary SQL queries without authentication. Public exploit code exists for this vulnerability, and no patch is currently available. The attack affects data confidentiality, integrity, and availability with a CVSS score of 7.3.
SQL injection in itsourcecode University Management System 1.0 via the seme parameter in /view_result.php allows unauthenticated remote attackers to manipulate database queries and potentially access or modify sensitive data. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected installations at immediate risk.
SQL injection in projectworlds Online Art Gallery Shop 1.0 via the reach_nm parameter in /admin/adminHome.php allows unauthenticated remote attackers to manipulate database queries and potentially extract sensitive data or modify database contents. Public exploit code exists for this vulnerability, increasing exploitation risk. No patch is currently available for affected installations.
SQL injection in projectworlds Online Art Gallery Shop 1.0 allows unauthenticated remote attackers to manipulate the Info parameter in /admin/adminHome.php, potentially enabling unauthorized database access and data theft. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. No patch is currently available, requiring organizations to implement compensating controls or upgrade to a patched version when released.
SQL injection in projectworlds Online Art Gallery Shop 1.0 allows unauthenticated remote attackers to manipulate the fnm parameter via the /?pass=1 endpoint, potentially enabling unauthorized database access and modification. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected installations at immediate risk.
SQL injection in SourceCodester Sales and Inventory System up to version 1.0 allows authenticated remote attackers to manipulate the stock_name1 parameter in /check_item_details.php and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but could enable data disclosure, modification, or deletion within the affected system.
Sales And Inventory System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 6.3).
SQL injection in SourceCodester Sales and Inventory System 1.0 via the cost parameter in /add_stock.php enables authenticated attackers to manipulate database queries remotely. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but can result in unauthorized data access and modification.
SQL injection in SourceCodester Sales and Inventory System versions up to 1.0 via the sid parameter in /add_sales_print.php allows authenticated attackers to execute arbitrary SQL queries remotely. Public exploit code exists for this vulnerability, and no patch is currently available. Attackers can leverage this to access, modify, or delete sensitive inventory and sales data.
SourceCodester Employee Task Management System through version 1.0 contains a SQL injection vulnerability in the /daily-task-report.php GET parameter handler that allows remote attackers with high privileges to extract or manipulate database contents. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires network access but no user interaction, potentially compromising sensitive employee task data and system integrity.
SQL injection in SourceCodester Employee Task Management System 1.0 allows remote attackers to manipulate the Date parameter in /daily-attendance-report.php, enabling unauthorized database access and modification. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires high-level privileges but can be executed over the network with minimal complexity.
SQL injection in itsourcecode University Management System 1.0 via the subject parameter in /add_result.php enables remote attackers to execute arbitrary database queries without authentication. Public exploit code exists for this vulnerability, and no patch is currently available. Affected installations face potential data exfiltration, modification, or deletion through unauthenticated network-based attacks.
SQL injection in SourceCodester Simple Responsive Tourism Website 1.0 via the Username parameter in the Login.php component enables unauthenticated remote attackers to manipulate database queries and potentially extract sensitive data or modify application state. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected systems exposed to active exploitation.
SQL injection in Student Web Portal 1.0's profile.php allows authenticated attackers to execute arbitrary SQL queries through improper input validation on the User parameter, potentially leading to unauthorized data access or modification. Public exploit code exists for this vulnerability, and no patch is currently available.
SQL injection in Student Web Portal 1.0's signup.php password validation function allows unauthenticated remote attackers to manipulate database queries through the reg_passwd parameter. Public exploit code exists for this vulnerability, and no patch is currently available. Successful exploitation could enable unauthorized data access, modification, or deletion.
SQL injection in itsourcecode University Management System 1.0 allows remote attackers to manipulate the admin_search_student parameter in /admin_search_student.php without authentication, potentially leading to unauthorized data access, modification, or deletion. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. No patch is currently available.
SQL injection in Simple Flight Ticket Booking System 1.0's SearchResultRoundtrip.php parameter handling enables unauthenticated remote attackers to manipulate database queries and potentially extract, modify, or delete sensitive data. Public exploit code exists for this vulnerability, increasing exploitation risk. No patch is currently available.
SQL injection in Simple Flight Ticket Booking System 1.0 allows unauthenticated remote attackers to manipulate the SearchResultOneway.php input parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires no user interaction and can be executed over the network, enabling attackers to read, modify, or delete sensitive flight booking data.
SQL injection in Free Hotel Reservation System 1.0 allows remote attackers to manipulate the amen_id and rmtype_id parameters in the amenities management interface, enabling unauthorized database access and potential data modification. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects PHP-based installations and requires no authentication or user interaction to exploit.
SQL injection in Simple Flight Ticket Booking System 1.0's /Admindelete.php endpoint allows unauthenticated remote attackers to manipulate the flightno parameter and execute arbitrary database queries, potentially leading to data theft or modification. Public exploit code is available for this vulnerability, and no patch has been released as of now.
SQL injection in Simple Flight Ticket Booking System 1.0's admin update function allows remote attackers with high privileges to manipulate flight parameters and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires administrative credentials but could enable data exfiltration or modification of flight booking records.
SQL injection in Simple Flight Ticket Booking System 1.0's /Adminadd.php allows remote attackers with high privileges to manipulate flight parameters and execute arbitrary SQL queries, potentially compromising flight booking data. Public exploit code exists for this vulnerability, though patches are not yet available. The attack requires administrative credentials but can be exploited over the network without user interaction.
Simple Flight Ticket Booking System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 7.3).
SQL injection in Simple Flight Ticket Booking System 1.0's login functionality allows unauthenticated attackers to manipulate the Username parameter and execute arbitrary database queries remotely. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. PHP installations running the affected application should be isolated until a security patch becomes available.
SQL injection in Simple Flight Ticket Booking System 1.0 via the flightno parameter in /Adminsearch.php allows unauthenticated remote attackers to query or modify database contents. Public exploit code exists for this vulnerability, and no patch is currently available. Affected users should immediately restrict access to the admin search functionality or upgrade if a patched version becomes available.