Total
19475 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-26943 | 2026-06-17 | N/A | 9.3 CRITICAL | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jürgen Müller Easy Quotes easy-quotes allows Blind SQL Injection.This issue affects Easy Quotes: from n/a through <= 1.2.2. | |||||
| CVE-2025-26941 | 2026-06-17 | N/A | 9.3 CRITICAL | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in andy_moyle Church Admin church-admin allows SQL Injection.This issue affects Church Admin: from n/a through <= 5.0.18. | |||||
| CVE-2025-26915 | 2026-06-17 | N/A | 8.5 HIGH | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PickPlugins Wishlist wishlist allows SQL Injection.This issue affects Wishlist: from n/a through <= 1.0.41. | |||||
| CVE-2025-26908 | 2026-06-17 | N/A | 7.6 HIGH | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Gurmehub Kargo Entegratör kargo-entegrator allows SQL Injection.This issue affects Kargo Entegratör: from n/a through <= 1.1.14. | |||||
| CVE-2025-26898 | 2026-06-17 | N/A | 9.3 CRITICAL | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler traveler.This issue affects Traveler: from n/a through < 3.2.1. | |||||
| CVE-2025-26886 | 2026-06-17 | N/A | 7.6 HIGH | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PublishPress PublishPress Authors publishpress-authors allows SQL Injection.This issue affects PublishPress Authors: from n/a through <= 4.7.3. | |||||
| CVE-2025-26875 | 2026-06-17 | N/A | 9.3 CRITICAL | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in silverplugins217 Multiple Shipping And Billing Address For Woocommerce different-shipping-and-billing-address-for-woocommerce allows SQL Injection.This issue affects Multiple Shipping And Billing Address For Woocommerce: from n/a through <= 1.3. | |||||
| CVE-2025-26855 | 2026-06-17 | N/A | 9.8 CRITICAL | ||
| A SQL injection in Articles Calendar extension 1.0.0 - 1.0.1.0007 for Joomla allows attackers to execute arbitrary SQL commands. | |||||
| CVE-2025-26854 | 2026-06-17 | N/A | 9.8 CRITICAL | ||
| A SQL injection in Articles Good Search extension 1.0.0 - 1.2.4.0011 for Joomla allows attackers to execute arbitrary SQL commands. | |||||
| CVE-2025-26852 | 1 Descor | 1 Infocad | 2026-06-17 | N/A | 10.0 CRITICAL |
| DESCOR INFOCAD 3.5.1 and before and fixed in v.3.5.2.0 allows SQL Injection. | |||||
| CVE-2025-26794 | 1 Exim | 1 Exim | 2026-06-17 | N/A | 7.5 HIGH |
| Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. (Resolving SQL injection requires an update to 4.99.1 in certain non-default rate-limit configurations.) | |||||
| CVE-2025-26755 | 2026-06-17 | N/A | 7.6 HIGH | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in jgwhite33 WP Airbnb Review Slider wp-airbnb-review-slider allows Blind SQL Injection.This issue affects WP Airbnb Review Slider: from n/a through <= 3.9. | |||||
| CVE-2025-26617 | 1 Wegia | 1 Wegia | 2026-06-17 | N/A | 9.8 CRITICAL |
| WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `historico_paciente.php` endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthorized access to sensitive information. This issue has been addressed in version 3.2.14 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2025-26614 | 1 Wegia | 1 Wegia | 2026-06-17 | N/A | 8.8 HIGH |
| WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `deletar_documento.php` endpoint. This vulnerability allow an authorized attacker to execute arbitrary SQL queries, allowing access to sensitive information. This issue has been addressed in version 3.2.14 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2025-26612 | 1 Wegia | 1 Wegia | 2026-06-17 | N/A | 9.8 CRITICAL |
| WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `adicionar_almoxarife.php` endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthorized access to sensitive information. This issue has been addressed in version 3.2.13 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2025-26611 | 1 Wegia | 1 Wegia | 2026-06-17 | N/A | 9.8 CRITICAL |
| WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `remover_produto.php` endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthorized access to sensitive information. This issue has been addressed in version 3.2.13 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2025-26610 | 1 Wegia | 1 Wegia | 2026-06-17 | N/A | 9.8 CRITICAL |
| WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `restaurar_produto_desocultar.php` endpoint. This vulnerability allow an authorized attacker to execute arbitrary SQL queries, allowing access to sensitive information. This issue has been addressed in version 3.2.13 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2025-26609 | 1 Wegia | 1 Wegia | 2026-06-17 | N/A | 9.8 CRITICAL |
| WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `familiar_docfamiliar.php` endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthorized access to sensitive information. This issue has been addressed in version 3.2.14 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2025-26608 | 1 Wegia | 1 Wegia | 2026-06-17 | N/A | 9.8 CRITICAL |
| WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `dependente_docdependente.php` endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthorized access to sensitive information. This issue has been addressed in version 3.2.13 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2025-26607 | 1 Wegia | 1 Wegia | 2026-06-17 | N/A | 9.8 CRITICAL |
| WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, `documento_excluir.php` endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthorized access to sensitive information. This issue has been addressed in version 3.2.13 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||