| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/menu/ via the path=component/menu/&menu_filter=3 parameter. |
| Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/table_manager/ via the search_word parameter. |
| Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter. |
| A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the Administrator level. |
| ACEweb Online Portal 3.5.065 was discovered to contain a SQL injection vulnerability via the criteria parameter in showschedule.awp. |
| Simple Student Information System v1.0 was discovered to contain a SQL injection vulnerability via add/Student. |
| Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via the register function in func2.php. |
| AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php. |
| eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_user.php. |
| eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions/functions.php. |
| eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_post.php. |
| eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_page.php. |
| Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in /mobile_seal/get_seal.php via the DEVICE_LIST parameter. |
| The query API in Casdoor before 1.13.1 has a SQL injection vulnerability related to the field and value parameters, as demonstrated by api/get-organizations. |
| SQL Injection vulnerability discovered in Unified Office Total Connect Now that would allow an attacker to extract sensitive information through a cookie parameter. |
| SQL injection vulnerability in the phpUploader v1.2 and earlier allows a remote unauthenticated attacker to obtain the information in the database via unspecified vectors. |
| ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user input validation. An unauthenticated LAN attacker to inject arbitrary SQL code to read, modify and delete database. |
| The Testimonial WordPress Plugin WordPress plugin before 1.4.7 does not validate and escape the id parameter before using it in a SQL statement when retrieving a testimonial to edit, leading to a SQL Injection |
| Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in export_data.php via the d_name parameter. |
| MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java. |
