Monitor vulnerabilities that affect your stack.
Sign up free to get alerts when software you use is affected.
CVE Vulnerabilities - 12 March 2026
RSS830 vulnerabilities published on 12 March 2026
Severity:
Webhook Spoofing in ZeptoClaw Allows Message Spoofing and IDOR
GHSA-46q5-g3j9-wx5c
CVE-2026-32231
### Summary
The generic webhook channel trusts caller-supplied identity fields (`sender`, `chat_id`) from the request body and applies authorization c...
8.2
Netartmedia Real Estate Portal 5.0 SQL Injection Risk: Unauthenticated Access
CVE-2019-25543
Netartmedia Real Estate Portal 5.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by inj...
8.8
Netartmedia Real Estate Portal 5.0 allows unauthorized database access
CVE-2019-25542
Netartmedia Real Estate Portal 5.0 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by inje...
8.8
Netartmedia PHP Mall 4.1 allows attackers to steal sensitive data
CVE-2019-25541
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through u...
8.8
Netartmedia PHP Mall 4.1: Unauthenticated Access to Sensitive Database Data
CVE-2019-25540
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by inject...
8.8
202CMS v10 beta: Unauthenticated Database Data Exposure
CVE-2019-25539
202CMS v10 beta contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL cod...
8.8
202CMS v10 beta: Unauthenticated SQL Injection Risk
CVE-2019-25538
202CMS v10 beta contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code thr...
8.8
Netartmedia Event Portal 2.0 lets attackers steal database info
CVE-2019-25537
Netartmedia Event Portal 2.0 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database quer...
8.8
Netartmedia Real Estate Agency 4.0: Unauthenticated SQL Attack through Form Input
CVE-2019-25536
Netartmedia PHP Real Estate Agency 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries ...
8.8
Netartmedia PHP Dating Site Allows Sensitive Data Exposure
CVE-2019-25535
Netartmedia PHP Dating Site contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting S...
8.8
Netartmedia PHP Car Dealer: Unauthenticated Database Access
CVE-2019-25534
Netartmedia PHP Car Dealer contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting...
8.8
Netartmedia PHP Business Directory 4.2: Unauthenticated Database Access
CVE-2019-25533
Netartmedia PHP Business Directory 4.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by...
8.8
Netartmedia Jobs Portal 6.1 allows attackers to access sensitive database info
CVE-2019-25532
Netartmedia Jobs Portal 6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting ...
8.8
Netartmedia Deals Portal: Email Exposes Sensitive Data to Hackers
CVE-2019-25531
Netartmedia Deals Portal contains an SQL injection vulnerability in the Email parameter of loginaction.php that allows unauthenticated attackers to ma...
8.8
uHotelBooking System allows hackers to steal sensitive data
CVE-2019-25530
uHotelBooking System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL cod...
8.8
Inout EasyRooms Ultimate Edition SQL injection risk: sensitive data exposure
CVE-2019-25528
Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by ...
8.8
Inout EasyRooms Ultimate Edition: Unauthenticated Database Access Risk
CVE-2019-25527
Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by ...
8.8
Inout EasyRooms Ultimate Edition allows unauthorized data access through search input
CVE-2019-25526
Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by ...
8.8
Inout EasyRooms SQL Injection: Unauthenticated Database Access
CVE-2019-25525
Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by ...
8.8
XooGallery Latest: Unauthenticated Database Access Risk
CVE-2019-25524
XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code t...
8.8
XooGallery Latest allows unauthenticated database access and data tampering
CVE-2019-25523
XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code t...
8.8
XooGallery: Unsecured Photo IDs Expose Sensitive Data
CVE-2019-25522
XooGallery Latest contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL...
8.8
XooGallery Latest allows unauthorized database access through malicious GET requests
CVE-2019-25521
XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code t...
8.8
Jettweb PHP News Site Script: Unauthenticated Admin Access
CVE-2019-25520
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated atta...
8.8
Jettweb News Site Script V1 Allows Malicious Database Access
CVE-2019-25519
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting ma...
8.8