Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (19268 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-7283 1 Sourcecodester 1 Pharmacy Sales And Inventory System 2026-04-28 4.7 Medium
A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function save_expired of the file /ajax.php?action=save_expired. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.
CVE-2025-68990 1 Wordpress 1 Wordpress 2026-04-28 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in xenioushk BWL Pro Voting Manager bwl-pro-voting-manager allows Blind SQL Injection.This issue affects BWL Pro Voting Manager: from n/a through <= 1.4.9.
CVE-2025-68865 2 Infility, Wordpress 2 Infility Global, Wordpress 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Infility Infility Global infility-global allows SQL Injection.This issue affects Infility Global: from n/a through <= 2.15.06.
CVE-2025-52830 1 Wordpress 1 Wordpress 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bSecure – Your Universal Checkout bSecure – Your Universal Checkout bsecure allows Blind SQL Injection.This issue affects bSecure – Your Universal Checkout: from n/a through <= 1.7.9.
CVE-2025-47657 1 Wordpress 1 Wordpress 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Productive Minds Productive Commerce productive-commerce allows SQL Injection.This issue affects Productive Commerce: from n/a through <= 1.1.40.
CVE-2025-47651 1 Infility 1 Infility Global 2026-04-28 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Infility Infility Global infility-global allows SQL Injection.This issue affects Infility Global: from n/a through <= 2.15.06.
CVE-2025-31059 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in woobewoo WBW Product Table PRO woo-producttables-pro allows SQL Injection.This issue affects WBW Product Table PRO: from n/a through <= 2.2.6.
CVE-2025-26898 1 Wordpress 1 Wordpress 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler traveler.This issue affects Traveler: from n/a through < 3.2.1.
CVE-2025-24683 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Chill RSVP and Event Management rsvp allows SQL Injection.This issue affects RSVP and Event Management: from n/a through <= 2.7.14.
CVE-2024-52474 1 Trilncom Llc 1 Express Payments Module 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Сервис “Экспресс Платежи” Express Payments Module express-pay allows Blind SQL Injection.This issue affects Express Payments Module: from n/a through <= 1.1.8.
CVE-2024-38788 1 Uipress 1 Uipress Lite 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bởi Admin 2020 UiPress lite allows SQL Injection.This issue affects UiPress lite: from n/a through 3.4.06.
CVE-2024-34412 2026-04-28 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Parcel Panel ParcelPanel.This issue affects ParcelPanel: from n/a through 3.8.1.
CVE-2024-34386 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lucian Apostol Auto Affiliate Links.This issue affects Auto Affiliate Links: from n/a through 6.4.3.1.
CVE-2024-33911 1 Weblizar 1 School Management 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Weblizar School Management Pro.This issue affects School Management Pro: from n/a through 10.3.4.
CVE-2024-33551 1 8theme 1 Xstore Core 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 8theme XStore Core allows SQL Injection.This issue affects XStore Core: from n/a through 5.3.5.
CVE-2024-33559 1 8theme 1 Xstore 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 8theme XStore allows SQL Injection.This issue affects XStore: from n/a through 9.3.5.
CVE-2024-33546 2 Aa-team, Wordpress 2 Wzone, Wordpress 2026-04-28 9.6 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10.
CVE-2024-33544 2 Aa-team, Wordpress 2 Wzone, Wordpress 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10.
CVE-2024-32709 2026-04-28 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.5.
CVE-2024-32710 2026-04-28 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.5.