Unauthenticated SQL Injection in Realtyna Organic IDX plugin <= 5.1.0 versions.
An unauthenticated SQL injection vulnerability exists in the GetLyfsByParams endpoint of Bian Que Feijiu Intelligent Emergency and Quality Control System, accessible via the /AppService/BQMedical/WebS
Unauthenticated SQL Injection in WP Data Access <= 5.5.70 versions.
Unauthenticated PHP Object Injection in Manufaktur Solutions <= 1.1.1 versions.
Unauthenticated PHP Object Injection in Léonie <= 1.2.1 versions.
Unauthenticated SQL Injection in WP Maps <= 4.9.1 versions.
Unauthenticated PHP Object Injection in NeoBeat <= 1.7 versions.
Unauthenticated SQL Injection in Advanced 301 and 302 Redirect <= 1.6.9 versions.
Subscriber SQL Injection in Cornerstone < 7.8.8 versions.
Unauthenticated PHP Object Injection in Nifty <= 1.4.1 versions.
Unauthenticated SQL Injection in wpDataTables <= 7.3.6 versions.
Unauthenticated SQL Injection in eCommerce Product Catalog <= 3.5.5 versions.
Unauthenticated PHP Object Injection in Alukas < 3.0.0 versions.
Unauthenticated SQL Injection in Form Maker by 10Web <= 1.15.38 versions.
Unauthenticated SQL injection vulnerability in Uniguest Tripleplay version 23.1+ allows remote attackers to execute arbitrary SQL queries on the backend database.
Unauthenticated PHP Object Injection in Elementra <= 1.0.9 versions.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenText Advanced Authentication. This issue affects Advanced Authentication versions before 6.5
Unauthenticated SQL Injection in GEO my WordPress <= 4.5.5 versions.
Unauthenticated PHP Object Injection in Valeska <= 1.2.2 versions.
Unauthenticated PHP Object Injection in Hot Coffee <= 1.7 versions.