Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-8912

Summary
Assigner-Wordfence
Assigner Org ID-b15e7b5b-3da4-40ae-a43c-f7aa60e62599
Published At-19 May, 2026 | 11:18
Updated At-19 May, 2026 | 16:34
Rejected At-
Credits

Contest Gallery <= 28.1.6 - Unauthenticated SQL Injection

The Contest Gallery plugin for WordPress is vulnerable to SQL Injection via the 'form_input' parameter in versions up to, and including, 28.1.6. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query inside the unauthenticated 'post_cg_gallery_form_upload' AJAX action (specifically the 'cb' branch of the included users-upload-check.php, where $f_input_id is concatenated unquoted into 'SELECT Field_Content FROM ... WHERE id = $f_input_id'). The endpoint is gated only by a public frontend nonce ('cg1l_action' / 'cg_nonce') that is exposed in the page source of any public gallery page. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Wordfence
Assigner Org ID:b15e7b5b-3da4-40ae-a43c-f7aa60e62599
Published At:19 May, 2026 | 11:18
Updated At:19 May, 2026 | 16:34
Rejected At:
▼CVE Numbering Authority (CNA)
Contest Gallery <= 28.1.6 - Unauthenticated SQL Injection

The Contest Gallery plugin for WordPress is vulnerable to SQL Injection via the 'form_input' parameter in versions up to, and including, 28.1.6. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query inside the unauthenticated 'post_cg_gallery_form_upload' AJAX action (specifically the 'cb' branch of the included users-upload-check.php, where $f_input_id is concatenated unquoted into 'SELECT Field_Content FROM ... WHERE id = $f_input_id'). The endpoint is gated only by a public frontend nonce ('cg1l_action' / 'cg_nonce') that is exposed in the page source of any public gallery page. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Affected Products
Vendor
contest-gallery
Product
Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe
Default Status
unaffected
Versions
Affected
  • From 0 through 28.1.6 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-89CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Type: CWE
CWE ID: CWE-89
Description: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Leonid Semenenko
Timeline
EventDate
Vendor Notified2026-05-18 22:31:56
Disclosed2026-05-18 00:00:00
Event: Vendor Notified
Date: 2026-05-18 22:31:56
Event: Disclosed
Date: 2026-05-18 00:00:00
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.wordfence.com/threat-intel/vulnerabilities/id/71f2f8c4-00ee-4ab4-b0e0-9ddac46818b3?source=cve
N/A
https://plugins.trac.wordpress.org/browser/contest-gallery/tags/28.1.5/v10/v10-frontend/user_upload/users-upload-check.php#L1193
N/A
https://plugins.trac.wordpress.org/browser/contest-gallery/tags/28.1.5/v10/v10-frontend/user_upload/users-upload-check.php#L1036
N/A
https://plugins.trac.wordpress.org/browser/contest-gallery/tags/28.1.5/ajax/ajax-functions-frontend.php#L837
N/A
https://plugins.trac.wordpress.org/browser/contest-gallery/tags/28.1.5/functions/frontend/cg-general-frontend.php#L12
N/A
Hyperlink: https://www.wordfence.com/threat-intel/vulnerabilities/id/71f2f8c4-00ee-4ab4-b0e0-9ddac46818b3?source=cve
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/contest-gallery/tags/28.1.5/v10/v10-frontend/user_upload/users-upload-check.php#L1193
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/contest-gallery/tags/28.1.5/v10/v10-frontend/user_upload/users-upload-check.php#L1036
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/contest-gallery/tags/28.1.5/ajax/ajax-functions-frontend.php#L837
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/contest-gallery/tags/28.1.5/functions/frontend/cg-general-frontend.php#L12
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@wordfence.com
Published At:19 May, 2026 | 13:16
Updated At:19 May, 2026 | 13:16

The Contest Gallery plugin for WordPress is vulnerable to SQL Injection via the 'form_input' parameter in versions up to, and including, 28.1.6. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query inside the unauthenticated 'post_cg_gallery_form_upload' AJAX action (specifically the 'cb' branch of the included users-upload-check.php, where $f_input_id is concatenated unquoted into 'SELECT Field_Content FROM ... WHERE id = $f_input_id'). The endpoint is gated only by a public frontend nonce ('cg1l_action' / 'cg_nonce') that is exposed in the page source of any public gallery page. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-89Primarysecurity@wordfence.com
CWE ID: CWE-89
Type: Primary
Source: security@wordfence.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://plugins.trac.wordpress.org/browser/contest-gallery/tags/28.1.5/ajax/ajax-functions-frontend.php#L837security@wordfence.com
N/A
https://plugins.trac.wordpress.org/browser/contest-gallery/tags/28.1.5/functions/frontend/cg-general-frontend.php#L12security@wordfence.com
N/A
https://plugins.trac.wordpress.org/browser/contest-gallery/tags/28.1.5/v10/v10-frontend/user_upload/users-upload-check.php#L1036security@wordfence.com
N/A
https://plugins.trac.wordpress.org/browser/contest-gallery/tags/28.1.5/v10/v10-frontend/user_upload/users-upload-check.php#L1193security@wordfence.com
N/A
https://www.wordfence.com/threat-intel/vulnerabilities/id/71f2f8c4-00ee-4ab4-b0e0-9ddac46818b3?source=cvesecurity@wordfence.com
N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/contest-gallery/tags/28.1.5/ajax/ajax-functions-frontend.php#L837
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/contest-gallery/tags/28.1.5/functions/frontend/cg-general-frontend.php#L12
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/contest-gallery/tags/28.1.5/v10/v10-frontend/user_upload/users-upload-check.php#L1036
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/browser/contest-gallery/tags/28.1.5/v10/v10-frontend/user_upload/users-upload-check.php#L1193
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://www.wordfence.com/threat-intel/vulnerabilities/id/71f2f8c4-00ee-4ab4-b0e0-9ddac46818b3?source=cve
Source: security@wordfence.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

801Records found
CVE-2022-4158
Matching Score-10
Assigner-WPScan
ShareView Details
Matching Score-10
Assigner-WPScan
CVSS Score-7.5||HIGH
EPSS-1.26% / 79.65%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 12:28
Updated-12 Apr, 2025 | 00:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contest Gallery < 19.1.5 - Unauthenticated SQL Injection

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_Fields POST parameter before concatenating it to an SQL query in users-registry-check-registering-and-login.php. This may allow malicious visitors to leak sensitive information from the site's database.

Action-Not Available
Vendor-contest-galleryUnknown
Product-contest_galleryContest GalleryContest Gallery Pro
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-4156
Matching Score-10
Assigner-WPScan
ShareView Details
Matching Score-10
Assigner-WPScan
CVSS Score-7.5||HIGH
EPSS-0.77% / 73.66%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 12:28
Updated-14 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contest Gallery < 19.1.5.1 - Unauthenticated SQL Injection

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the user_id POST parameter before concatenating it to an SQL query in ajax-functions-backend.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.

Action-Not Available
Vendor-contest-galleryUnknown
Product-contest_galleryContest Gallery ProContest Gallery
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2026-3180
Matching Score-10
Assigner-Wordfence
ShareView Details
Matching Score-10
Assigner-Wordfence
CVSS Score-7.5||HIGH
EPSS-0.12% / 31.01%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 17:23
Updated-22 Apr, 2026 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contest Gallery <= 28.1.4 - Unauthenticated SQL Injection

The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to blind SQL Injection via the ‘cgLostPasswordEmail’ and the ’cgl_mail’ parameter in all versions up to, and including, 28.1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. The vulnerability's ’cgLostPasswordEmail’ parameter was patched in version 28.1.4, and the ’cgl_mail’ parameter was patched in version 28.1.5.

Action-Not Available
Vendor-contest-gallery
Product-Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-43283
Matching Score-8
Assigner-Patchstack
ShareView Details
Matching Score-8
Assigner-Patchstack
CVSS Score-5.3||MEDIUM
EPSS-15.60% / 94.77%
||
7 Day CHG~0.00%
Published-26 Aug, 2024 | 16:07
Updated-28 Apr, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Contest Gallery plugin <= 23.1.2 - Unauthenticated Comment UserID And IP address Disclosure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through <= 23.1.2.

Action-Not Available
Vendor-contest-galleryWasiliy Strecker / ContestGallery developer
Product-contest_galleryContest Gallery
CWE ID-CWE-201
Insertion of Sensitive Information Into Sent Data
CVE-2024-30236
Matching Score-6
Assigner-Patchstack
ShareView Details
Matching Score-6
Assigner-Patchstack
CVSS Score-8.5||HIGH
EPSS-0.50% / 66.05%
||
7 Day CHG~0.00%
Published-28 Mar, 2024 | 04:44
Updated-11 May, 2026 | 20:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Contest Gallery plugin <= 21.3.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through <= 21.3.4.

Action-Not Available
Vendor-contest-galleryWasiliy Strecker / ContestGallery developer
Product-contest_galleryContest Gallery
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-30238
Matching Score-6
Assigner-Patchstack
ShareView Details
Matching Score-6
Assigner-Patchstack
CVSS Score-8.5||HIGH
EPSS-0.50% / 66.05%
||
7 Day CHG~0.00%
Published-27 Mar, 2024 | 13:46
Updated-28 Apr, 2026 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Photos and Files Contest Gallery plugin <= 21.3.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through <= 21.3.2.

Action-Not Available
Vendor-contest-galleryWasiliy Strecker / ContestGallery developer
Product-contest_galleryContest Gallery
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-4153
Matching Score-6
Assigner-WPScan
ShareView Details
Matching Score-6
Assigner-WPScan
CVSS Score-6.5||MEDIUM
EPSS-0.58% / 69.19%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 12:27
Updated-12 Apr, 2025 | 00:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contest Gallery < 19.1.5.1 - Author+ SQL Injection

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the upload[] POST parameter before concatenating it to an SQL query in get-data-create-upload-v10.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.

Action-Not Available
Vendor-contest-galleryUnknown
Product-contest_galleryContest GalleryContest Gallery Pro
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-4150
Matching Score-6
Assigner-WPScan
ShareView Details
Matching Score-6
Assigner-WPScan
CVSS Score-6.5||MEDIUM
EPSS-0.87% / 75.42%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 12:28
Updated-12 Apr, 2025 | 00:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contest Gallery < 19.1.5 - Author+ SQL Injection

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the option_id POST parameter before concatenating it to an SQL query in order-custom-fields-with-and-without-search.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.

Action-Not Available
Vendor-contest-galleryUnknown
Product-contest_galleryContest GalleryContest Gallery Pro
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-4165
Matching Score-6
Assigner-WPScan
ShareView Details
Matching Score-6
Assigner-WPScan
CVSS Score-6.5||MEDIUM
EPSS-0.74% / 73.16%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 12:28
Updated-12 Apr, 2025 | 00:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contest Gallery < 19.1.5 - Author+ SQL Injection

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_order POST parameter before concatenating it to an SQL query in order-custom-fields-with-and-without-search.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.

Action-Not Available
Vendor-contest-galleryUnknown
Product-contest_galleryContest GalleryContest Gallery Pro
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-4155
Matching Score-6
Assigner-WPScan
ShareView Details
Matching Score-6
Assigner-WPScan
CVSS Score-4.9||MEDIUM
EPSS-1.35% / 80.29%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 12:27
Updated-12 Apr, 2025 | 00:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contest Gallery < 19.1.5 - Admin+ SQL Injection

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the wp_user_id GET parameter before concatenating it to an SQL query in management-show-user.php. This may allow malicious users with administrator privileges (i.e. on multisite WordPress configurations) to leak sensitive information from the site's database.

Action-Not Available
Vendor-contest-galleryUnknown
Product-contest_galleryContest GalleryContest Gallery Pro
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-4162
Matching Score-6
Assigner-WPScan
ShareView Details
Matching Score-6
Assigner-WPScan
CVSS Score-6.5||MEDIUM
EPSS-0.74% / 73.16%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 12:28
Updated-14 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contest Gallery < 19.1.5 - Author+ SQL Injection

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_row POST parameter before concatenating it to an SQL query in 3_row-order.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.

Action-Not Available
Vendor-contest-galleryUnknown
Product-contest_galleryContest Gallery ProContest Gallery
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-4157
Matching Score-6
Assigner-WPScan
ShareView Details
Matching Score-6
Assigner-WPScan
CVSS Score-4.9||MEDIUM
EPSS-0.82% / 74.57%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 12:27
Updated-12 Apr, 2025 | 00:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contest Gallery < 19.1.5 - Admin+ SQL Injection

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_option_id POST parameter before concatenating it to an SQL query in export-votes-all.php. This may allow malicious users with administrator privileges (i.e. on multisite WordPress configurations) to leak sensitive information from the site's database.

Action-Not Available
Vendor-contest-galleryUnknown
Product-contest_galleryContest GalleryContest Gallery Pro
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-4166
Matching Score-6
Assigner-WPScan
ShareView Details
Matching Score-6
Assigner-WPScan
CVSS Score-6.5||MEDIUM
EPSS-0.74% / 73.16%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 12:28
Updated-12 Apr, 2025 | 00:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contest Gallery < 19.1.5 - Author+ SQL Injection

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the addCountS POST parameter before concatenating it to an SQL query in 4_activate.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.

Action-Not Available
Vendor-contest-galleryUnknown
Product-contest_galleryContest GalleryContest Gallery Pro
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-4152
Matching Score-6
Assigner-WPScan
ShareView Details
Matching Score-6
Assigner-WPScan
CVSS Score-6.5||MEDIUM
EPSS-0.87% / 75.42%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 12:28
Updated-14 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contest Gallery < 19.1.5 - Author+ SQL Injection

The Contest Gallery WordPress plugin before 19.1.5, Contest Gallery Pro WordPress plugin before 19.1.5 do not escape the option_id POST parameter before concatenating it to an SQL query in edit-options.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.

Action-Not Available
Vendor-contest-galleryUnknown
Product-contest_galleryContest Gallery ProContest Gallery
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-4159
Matching Score-6
Assigner-WPScan
ShareView Details
Matching Score-6
Assigner-WPScan
CVSS Score-6.5||MEDIUM
EPSS-0.98% / 76.96%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 12:28
Updated-14 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contest Gallery < 19.1.5.1 - Author+ SQL Injection

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_id POST parameter before concatenating it to an SQL query in 0_change-gallery.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.

Action-Not Available
Vendor-contest-galleryUnknown
Product-contest_galleryContest Gallery ProContest Gallery
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-4161
Matching Score-6
Assigner-WPScan
ShareView Details
Matching Score-6
Assigner-WPScan
CVSS Score-6.5||MEDIUM
EPSS-0.74% / 73.16%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 12:27
Updated-14 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contest Gallery < 19.1.5 - Author+ SQL Injection

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_copy_start POST parameter before concatenating it to an SQL query in copy-gallery-images.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.

Action-Not Available
Vendor-contest-galleryUnknown
Product-contest_galleryContest Gallery ProContest Gallery
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-4154
Matching Score-6
Assigner-WPScan
ShareView Details
Matching Score-6
Assigner-WPScan
CVSS Score-4.9||MEDIUM
EPSS-0.85% / 75.03%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 12:28
Updated-14 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contest Gallery Pro < 19.1.5 - Admin+ SQL Injection

The Contest Gallery Pro WordPress plugin before 19.1.5 does not escape the wp_user_id GET parameter before concatenating it to an SQL query in management-show-user.php. This may allow malicious users with at administrator privileges (i.e. on multisite WordPress configurations) to leak sensitive information from the site's database.

Action-Not Available
Vendor-contest-galleryUnknown
Product-contest_galleryContest Gallery Pro
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-4163
Matching Score-6
Assigner-WPScan
ShareView Details
Matching Score-6
Assigner-WPScan
CVSS Score-6.5||MEDIUM
EPSS-0.58% / 69.19%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 12:28
Updated-14 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contest Gallery < 19.1.5 - Author+ SQL Injection

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_deactivate and cg_activate POST parameters before concatenating it to an SQL query in 2_deactivate.php and 4_activate.php, respectively. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.

Action-Not Available
Vendor-contest-galleryUnknown
Product-contest_galleryContest Gallery ProContest Gallery
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-4160
Matching Score-6
Assigner-WPScan
ShareView Details
Matching Score-6
Assigner-WPScan
CVSS Score-6.5||MEDIUM
EPSS-0.77% / 73.71%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 12:28
Updated-14 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contest Gallery < 19.1.5 - Author+ SQL Injection

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_copy_id POST parameter before concatenating it to an SQL query in cg-copy-comments.php and cg-copy-rating.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.

Action-Not Available
Vendor-contest-galleryUnknown
Product-contest_galleryContest Gallery ProContest Gallery
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-4151
Matching Score-6
Assigner-WPScan
ShareView Details
Matching Score-6
Assigner-WPScan
CVSS Score-6.5||MEDIUM
EPSS-0.74% / 73.16%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 12:28
Updated-14 Apr, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contest Gallery < 19.1.5 - Admin+ SQL Injection

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the option_id GET parameter before concatenating it to an SQL query in export-images-data.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.

Action-Not Available
Vendor-contest-galleryUnknown
Product-contest_galleryContest Gallery ProContest Gallery
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-4164
Matching Score-6
Assigner-WPScan
ShareView Details
Matching Score-6
Assigner-WPScan
CVSS Score-6.5||MEDIUM
EPSS-0.58% / 69.19%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 12:28
Updated-14 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Contest Gallery < 19.1.5 - Author+ SQL Injection

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_multiple_files_for_post POST parameter before concatenating it to an SQL query in 0_change-gallery.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.

Action-Not Available
Vendor-contest-galleryUnknown
Product-contest_galleryContest Gallery ProContest Gallery
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-10687
Matching Score-6
Assigner-Wordfence
ShareView Details
Matching Score-6
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.72% / 72.68%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 09:30
Updated-08 Apr, 2026 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons <= 24.0.3 - Unauthenticated SQL Injection

The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons plugin for WordPress is vulnerable to time-based SQL Injection via the $collectedIds parameter in all versions up to, and including, 24.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Action-Not Available
Vendor-contest-gallerycontest-gallerycontest-gallery
Product-contest_galleryContest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripecontest_gallery
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-22693
Matching Score-6
Assigner-Patchstack
ShareView Details
Matching Score-6
Assigner-Patchstack
CVSS Score-7.6||HIGH
EPSS-0.03% / 7.84%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 14:23
Updated-28 Apr, 2026 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Contest Gallery plugin <= 25.1.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows SQL Injection.This issue affects Contest Gallery: from n/a through <= 25.1.0.

Action-Not Available
Vendor-contest-galleryWasiliy Strecker / ContestGallery developer
Product-contest_galleryContest Gallery
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-36394
Matching Score-6
Assigner-Patchstack
ShareView Details
Matching Score-6
Assigner-Patchstack
CVSS Score-7.6||HIGH
EPSS-0.51% / 66.67%
||
7 Day CHG~0.00%
Published-23 Aug, 2022 | 15:47
Updated-28 Apr, 2026 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Contest Gallery plugin <= 17.0.4 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated (author+) SQL Injection (SQLi) vulnerability in Contest Gallery plugin <= 17.0.4 at WordPress.

Action-Not Available
Vendor-contest-galleryContest Gallery
Product-contest_galleryContest Gallery (WordPress plugin)
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-4906
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.16% / 35.99%
||
7 Day CHG~0.00%
Published-15 May, 2024 | 18:31
Updated-20 Feb, 2025 | 21:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Campcodes Complete Web-Based School Management System show_student1.php sql injection

A vulnerability, which was classified as critical, was found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /view/show_student1.php. The manipulation of the argument grade leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-264441 was assigned to this vulnerability.

Action-Not Available
Vendor-CampCodes
Product-complete_web-based_school_management_systemComplete Web-Based School Management System
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-25495
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.14% / 33.25%
||
7 Day CHG~0.00%
Published-27 Feb, 2026 | 17:23
Updated-07 Apr, 2026 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
osCommerce 2.3.4.1 SQL Injection via reviews_id Parameter

osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the reviews_id parameter. Attackers can send GET requests to product_reviews_write.php with malicious reviews_id values using boolean-based SQL injection payloads to extract sensitive database information.

Action-Not Available
Vendor-oscommerceOscommerce
Product-oscommerceosCommerce
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-25460
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.11% / 28.19%
||
7 Day CHG~0.00%
Published-22 Feb, 2026 | 14:12
Updated-07 Apr, 2026 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Web Ofisi Platinum E-Ticaret v5 SQL Injection via q Parameter

Web Ofisi Platinum E-Ticaret v5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' GET parameter. Attackers can send requests to the arama endpoint with malicious 'q' values using time-based SQL injection techniques to extract sensitive database information.

Action-Not Available
Vendor-web-ofisiWeb-ofisi
Product-platinum_e-ticaretTicaret
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-25335
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.14% / 32.98%
||
7 Day CHG~0.00%
Published-12 Feb, 2026 | 22:49
Updated-13 Feb, 2026 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PRO-7070 Hazır Profesyonel Web Sitesi 1.0 - Authentication Bypass

PRO-7070 Hazır Profesyonel Web Sitesi version 1.0 contains an authentication bypass vulnerability in the administration panel login page. Attackers can bypass authentication by using '=' 'or' as both username and password to gain unauthorized access to the administrative interface.

Action-Not Available
Vendor-Websitem
Product-7070 Hazır Profesyonel Web Sitesi
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-25450
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-7.1||HIGH
EPSS-0.05% / 16.82%
||
7 Day CHG~0.00%
Published-22 Feb, 2026 | 13:18
Updated-07 Apr, 2026 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dolibarr ERP/CRM 10.0.1 SQL Injection via card.php

Dolibarr ERP/CRM 10.0.1 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through POST parameters. Attackers can inject malicious SQL through parameters like actioncode, demand_reason_id, and availability_id in card.php endpoints to extract sensitive database information using boolean-based blind, error-based, and time-based blind techniques.

Action-Not Available
Vendor-Dolibarr ERP & CRM
Product-dolibarr_erp\/crmDolibarr ERP/CRM
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-25455
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.15% / 34.85%
||
7 Day CHG~0.00%
Published-22 Feb, 2026 | 14:12
Updated-07 Apr, 2026 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Web Ofisi E-Ticaret v3 SQL Injection via ara.html

Web Ofisi E-Ticaret v3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'a' parameter. Attackers can send GET requests to with malicious 'a' parameter values to extract sensitive database information.

Action-Not Available
Vendor-web-ofisiWeb-ofisi
Product-e-ticaretTicaret
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-25491
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.10% / 26.75%
||
7 Day CHG~0.00%
Published-27 Feb, 2026 | 17:23
Updated-07 Apr, 2026 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Homey BNB V4 SQL Injection via cms_getpagetitle.php

Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the catid parameter. Attackers can send GET requests to the admin/cms_getpagetitle.php endpoint with malicious catid values to extract sensitive database information.

Action-Not Available
Vendor-doditsolutionsDoditsolutions
Product-airbnb_clone_scriptHomey BNB (Airbnb Clone Script)
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-46382
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.12% / 30.00%
||
7 Day CHG~0.00%
Published-19 Sep, 2024 | 00:00
Updated-29 Apr, 2026 | 11:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A SQL injection vulnerability in linlinjava litemall 1.8.0 allows a remote attacker to obtain sensitive information via the goodsId, goodsSn, and name parameters in AdminOrderController.java.

Action-Not Available
Vendor-linlinjavan/alitemall_project
Product-litemalln/alitemall
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-25457
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.15% / 34.85%
||
7 Day CHG~0.00%
Published-22 Feb, 2026 | 14:12
Updated-07 Apr, 2026 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Web Ofisi Firma v13 SQL Injection via oz Parameter

Web Ofisi Firma v13 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'oz' array parameter. Attackers can send GET requests to category pages with malicious 'oz[]' values using time-based blind SQL injection payloads to extract sensitive database information.

Action-Not Available
Vendor-web-ofisiWeb-ofisi
Product-firmaFirma
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-25497
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.10% / 27.83%
||
7 Day CHG~0.00%
Published-27 Feb, 2026 | 17:23
Updated-07 Apr, 2026 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
osCommerce 2.3.4.1 SQL Injection via currency Parameter

osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the currency parameter. Attackers can send GET requests to shopping_cart.php with malicious currency values using boolean-based SQL injection payloads to extract sensitive database information.

Action-Not Available
Vendor-oscommerceOscommerce
Product-oscommerceosCommerce
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-25346
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-7.1||HIGH
EPSS-0.21% / 43.45%
||
7 Day CHG~0.00%
Published-12 Feb, 2026 | 19:02
Updated-02 Mar, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
thesystem 1.0 - 'server_name' SQL Injection

TheSystem 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating the 'server_name' parameter. Attackers can inject malicious SQL code like ' or '1=1 to retrieve unauthorized database records and potentially access sensitive system information.

Action-Not Available
Vendor-kostasmitrogloukostasmitroglou
Product-password_management_applicationthesystem
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2023-2038
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.26% / 49.93%
||
7 Day CHG~0.00%
Published-14 Apr, 2023 | 07:31
Updated-02 Aug, 2024 | 06:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Campcodes Video Sharing Website admin_class.php sql injection

A vulnerability was found in Campcodes Video Sharing Website 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin_class.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225916.

Action-Not Available
Vendor-campcodes_video_sharing_website_projectCampCodes
Product-campcodes_video_sharing_websiteVideo Sharing Website
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-4653
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.08% / 23.50%
||
7 Day CHG~0.00%
Published-08 May, 2024 | 14:31
Updated-10 Oct, 2025 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BlueNet Technology Clinical Browsing System outIndex.php sql injection

A vulnerability was found in BlueNet Technology Clinical Browsing System 1.2.1 and classified as critical. Affected by this issue is some unknown functionality of the file /xds/outIndex.php. The manipulation of the argument name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-263498 is the identifier assigned to this vulnerability.

Action-Not Available
Vendor-bluenettechnologyBlueNet Technology
Product-clinical_browsing_systemClinical Browsing System
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-25452
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.13% / 32.00%
||
7 Day CHG~0.00%
Published-22 Feb, 2026 | 13:18
Updated-07 Apr, 2026 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dolibarr ERP/CRM 10.0.1 SQL Injection via elemid

Dolibarr ERP/CRM 10.0.1 contains an SQL injection vulnerability in the elemid POST parameter of the viewcat.php endpoint that allows unauthenticated attackers to execute arbitrary SQL queries. Attackers can submit crafted POST requests with malicious SQL payloads in the elemid parameter to extract sensitive database information using error-based or time-based blind SQL injection techniques.

Action-Not Available
Vendor-Dolibarr ERP & CRM
Product-dolibarr_erp\/crmDolibarr ERP/CRM
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-25493
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.10% / 26.75%
||
7 Day CHG~0.00%
Published-27 Feb, 2026 | 17:23
Updated-07 Apr, 2026 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Homey BNB V4 SQL Injection via getrecord.php

Homey BNB V4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'val' parameter. Attackers can send GET requests to the admin/getrecord.php endpoint with malicious 'val' values to extract sensitive database information.

Action-Not Available
Vendor-doditsolutionsDoditsolutions
Product-airbnb_clone_scriptHomey BNB (Airbnb Clone Script)
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-25432
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.29% / 51.91%
||
7 Day CHG~0.00%
Published-20 Feb, 2026 | 22:54
Updated-07 Apr, 2026 | 14:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Part-DB 0.4 Authentication Bypass via login.php

Part-DB 0.4 contains an authentication bypass vulnerability that allows unauthenticated attackers to login by injecting SQL syntax into authentication parameters. Attackers can submit a single quote followed by 'or' in the login form to bypass credential validation and gain unauthorized access to the application.

Action-Not Available
Vendor-Part-DB
Product-Part-DB
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-44903
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 28.45%
||
7 Day CHG~0.00%
Published-25 Mar, 2025 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL Injection can occur in the SirsiDynix Horizon Information Portal (IPAC20) through 3.25_9382; however, a patch is available from the vendor. This is in ipac.jsp in a SELECT WHERE statement, in a part of the uri= variable in the second part of the full= inner variable.

Action-Not Available
Vendor-SirsiDynix
Product-IPAC20
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2023-2035
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.45% / 63.93%
||
7 Day CHG~0.00%
Published-14 Apr, 2023 | 06:31
Updated-02 Aug, 2024 | 06:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Campcodes Video Sharing Website signup.php sql injection

A vulnerability has been found in Campcodes Video Sharing Website 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file signup.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-225913 was assigned to this vulnerability.

Action-Not Available
Vendor-campcodes_video_sharing_website_projectCampCodes
Product-campcodes_video_sharing_websiteVideo Sharing Website
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-25347
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-7.1||HIGH
EPSS-0.21% / 43.45%
||
7 Day CHG~0.00%
Published-12 Feb, 2026 | 19:02
Updated-02 Mar, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
thesystem App 1.0 - 'username' SQL Injection

thesystem App 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating the username parameter. Attackers can inject malicious SQL code like ' or '1=1 to the username field to gain unauthorized access to user accounts.

Action-Not Available
Vendor-kostasmitrogloukostasmitroglou
Product-password_management_applicationthesystem
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-25581
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.24% / 47.56%
||
7 Day CHG~0.00%
Published-21 Mar, 2026 | 15:30
Updated-24 Mar, 2026 | 20:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
i-doit CMDB 1.12 SQL Injection via objGroupID Parameter

i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the objGroupID parameter. Attackers can send GET requests with crafted SQL payloads in the objGroupID parameter to extract sensitive database information including usernames, database names, and version details.

Action-Not Available
Vendor-i-doitI-Doit
Product-i-doitdoit CMDB
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-45793
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-31.48% / 96.84%
||
7 Day CHG~0.00%
Published-17 Mar, 2022 | 11:12
Updated-04 Aug, 2024 | 04:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data can be obtained.

Action-Not Available
Vendor-slimsn/a
Product-senayan_library_management_systemn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-10645
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.5||HIGH
EPSS-0.61% / 70.11%
||
7 Day CHG~0.00%
Published-16 Nov, 2024 | 08:35
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Blogger 301 Redirect <= 2.5.3 - Unauthenticated SQL Injection via br

The Blogger 301 Redirect plugin for WordPress is vulnerable to blind time-based SQL Injection via the ‘br’ parameter in all versions up to, and including, 2.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Action-Not Available
Vendor-sudiptomahatosudiptomahato
Product-Blogger 301 Redirectblogger_301_redirect
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-4443
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-93.93% / 99.88%
||
7 Day CHG~0.00%
Published-22 May, 2024 | 05:32
Updated-08 Apr, 2026 | 18:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Business Directory Plugin – Easy Listing Directories for WordPress <= 6.4.2 - Unauthenticated SQL Injection via listingfields Parameter

The Business Directory Plugin – Easy Listing Directories for WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘listingfields’ parameter in all versions up to, and including, 6.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Action-Not Available
Vendor-Strategy11
Product-business_directoryBusiness Directory Plugin – Easy Listing Directories for WordPress
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-25662
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.11% / 28.50%
||
7 Day CHG+0.01%
Published-05 Apr, 2026 | 20:45
Updated-14 Apr, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ResourceSpace 8.6 SQL Injection via watched_searches.php

ResourceSpace 8.6 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'ref' parameter. Attackers can send GET requests to the watched_searches.php endpoint with crafted SQL payloads to extract sensitive database information including usernames and credentials.

Action-Not Available
Vendor-montalaMontala
Product-resourcespaceResourceSpace
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-25515
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.99% / 77.11%
||
7 Day CHG+0.05%
Published-12 Mar, 2026 | 15:36
Updated-17 Mar, 2026 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Jettweb PHP Hazir Haber Sitesi Scripti V3 Authentication Bypass

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an authentication bypass vulnerability in the login.php administration panel that allows unauthenticated attackers to gain administrative access by submitting crafted SQL syntax. Attackers can bypass authentication by submitting equals signs and 'or' operators as username and password parameters to access the administration panel without valid credentials.

Action-Not Available
Vendor-jettwebJettweb
Product-php_stock_news_site_scriptHazir Haber Sitesi Scripti
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-25675
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.16% / 36.21%
||
7 Day CHG+0.02%
Published-05 Apr, 2026 | 20:58
Updated-20 Apr, 2026 | 17:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
eDirectory All Versions SQL Injection Authentication Bypass

eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to bypass administrator authentication and disclose sensitive files by injecting SQL code into parameters. Attackers can exploit the key parameter in the login endpoint with union-based SQL injection to authenticate as administrator, then leverage authenticated file disclosure vulnerabilities in language_file.php to read arbitrary PHP files from the server.

Action-Not Available
Vendor-arcasolutionsedirectory
Product-edirectoryeDirectory
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 16
  • 17
  • Next
Details not found