Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
Cockpit-HQ Cockpit Asset Handler/Aggregate data query logic injection
FastGPT: NoSQL Injection in updatePasswordByOld Leads to Account Takeover
FastGPT: NoSQL Injection in loginByPassword leads to Authentication Bypass
phpMyFAQ has a LIKE Wildcard Injection in Search.php — Unescaped % and _ Metacharacters Enable Broad Content Disclosure
Azure Data Explorer MCP Server: KQL Injection in multiple tools allows MCP client to execute arbitrary Kusto queries
Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma application web
Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma application web
Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma application web
Parse Server: Account takeover via operator injection in authentication data identifier
Graphiti vulnerable to Cypher Injection via unsanitized node_labels in search filters
Sylius has a DQL Injection via API Order Filters
NoSQL Injection via WebSocket id Parameter in MongoDB Adapter
Parse Server has a NoSQL injection via token type in password reset and email verification endpoints
Rocket.Chat: NoSQL injection in the EE ddp-streamer-service
Arbitrary code execution in log reader via untrusted log file
New API has an SQL LIKE Wildcard Injection DoS via Token Search
FacturaScripts has SQL Injection vulnerability in API ORDER BY Clause
FacturaScripts has SQL Injection vulnerability in Autocomplete Actions
IBM Db2 Denial of Service
IBM Db2 Denial of Service
Showing 1 - 20 of 1,000+ results