Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2026-45439
CRITICAL CVSS 9.3
Find Similar
Unauthenticated SQL Injection in Realtyna Organic IDX plugin <= 5.1.0 versions.
CVE-2025-34162
CRITICAL CVSS 9.3
Find Similar
An unauthenticated SQL injection vulnerability exists in the GetLyfsByParams endpoint of Bian Que Feijiu Intelligent Emergency and Quality Control System, accessible via the /AppService/BQMedical/WebS
Unauthenticated PHP Object Injection in Manufaktur Solutions <= 1.1.1 versions.
CVE-2026-49067
CRITICAL CVSS 9.3
Find Similar
Unauthenticated SQL Injection in Advanced 301 and 302 Redirect <= 1.6.9 versions.
CVE-2026-52693
CRITICAL CVSS 9.3
Find Similar
Unauthenticated SQL Injection in eCommerce Product Catalog <= 3.5.5 versions.
CVE-2024-50706
CRITICAL CVSS 9.8
Find Similar
Unauthenticated SQL injection vulnerability in Uniguest Tripleplay version 23.1+ allows remote attackers to execute arbitrary SQL queries on the backend database.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenText Advanced Authentication. This issue affects Advanced Authentication versions before 6.5