Export limit exceeded: 18749 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18749 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-41433 | 1 Resumes Management And Job Application Website Application Project | 1 Resumes Management And Job Application Website Application | 2025-05-21 | 9.8 Critical |
| SQL Injection vulnerability exists in version 1.0 of the Resumes Management and Job Application Website application login form by EGavilan Media that allows authentication bypass through login.php. | ||||
| CVE-2022-28813 | 1 Gavazziautomation | 3 Cpy Car Park Server, Uwp 3.0 Monitoring Gateway And Controller, Uwp 3.0 Monitoring Gateway And Controller Firmware | 2025-05-21 | 7.5 High |
| In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of an SQL-injection to gain access to a volatile temporary database with the current states of the device. | ||||
| CVE-2022-22524 | 1 Gavazziautomation | 3 Cpy Car Park Server, Uwp 3.0 Monitoring Gateway And Controller, Uwp 3.0 Monitoring Gateway And Controller Firmware | 2025-05-21 | 9.4 Critical |
| In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 an unauthenticated remote attacker could utilize a SQL-Injection vulnerability to gain full database access, modify users and stop services . | ||||
| CVE-2025-4773 | 1 Phpgurukul | 1 Online Course Registration | 2025-05-21 | 7.3 High |
| A vulnerability was found in PHPGurukul Online Course Registration 3.1 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/level.php. The manipulation of the argument level leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4777 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-05-21 | 6.3 Medium |
| A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0. It has been classified as critical. This affects an unknown part of the file /view-foreigner-ticket.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-48395 | 1 Kaifa | 1 Webitr Attendance System | 2025-05-21 | 6.5 Medium |
| Kaifa Technology WebITR is an online attendance system, it has insufficient validation for user input within a special function. A remote attacker with regular user privilege can exploit this vulnerability to inject arbitrary SQL commands to read database. | ||||
| CVE-2025-4771 | 1 Phpgurukul | 1 Online Course Registration | 2025-05-21 | 7.3 High |
| A vulnerability, which was classified as critical, was found in PHPGurukul Online Course Registration 3.1. Affected is an unknown function of the file /admin/course.php. The manipulation of the argument coursecode leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-45115 | 1 Projectworlds | 1 Online Examination System | 2025-05-21 | 8.8 High |
| Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'ch' parameter of the /update.php?q=addqns resource does not validate the characters received and they are sent unfiltered to the database. | ||||
| CVE-2025-4911 | 1 Phpgurukul | 1 Zoo Management System | 2025-05-21 | 7.3 High |
| A vulnerability, which was classified as critical, was found in PHPGurukul Zoo Management System 2.1. Affected is an unknown function of the file /admin/view-foreigner-ticket.php. The manipulation of the argument viewid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4925 | 1 Phpgurukul | 1 Daily Expense Tracker System | 2025-05-21 | 7.3 High |
| A vulnerability has been found in PHPGurukul Daily Expense Tracker System 1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /expense-monthwise-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4927 | 1 Phpgurukul | 1 Online Marriage Registration System | 2025-05-21 | 7.3 High |
| A vulnerability was found in PHPGurukul Online Marriage Registration System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/between-dates-application-report.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2022-28815 | 1 Gavazziautomation | 3 Cpy Car Park Server, Uwp 3.0 Monitoring Gateway And Controller, Uwp 3.0 Monitoring Gateway And Controller Firmware | 2025-05-20 | 2.7 Low |
| In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy server was discovered to contain a SQL injection vulnerability allowing an attacker to query other tables of the Sentilo service. | ||||
| CVE-2022-41440 | 1 Billing System Project Project | 1 Billing System Project | 2025-05-20 | 7.2 High |
| Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/editcategory.php. | ||||
| CVE-2022-41439 | 1 Billing System Project Project | 1 Billing System Project | 2025-05-20 | 7.2 High |
| Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/edituser.php. | ||||
| CVE-2022-40887 | 1 Best Student Result Management System Project | 1 Best Student Result Management System | 2025-05-20 | 9.8 Critical |
| SourceCodester Best Student Result Management System 1.0 is vulnerable to SQL Injection. | ||||
| CVE-2022-33880 | 1 Hospital Management System Mini-project Project | 1 Hospital Management System Mini-project | 2025-05-20 | 9.8 Critical |
| hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter. | ||||
| CVE-2021-43361 | 1 Meddata | 1 Hbys | 2025-05-20 | 9.9 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MedData HBYS allows SQL Injection.This issue affects HBYS: from unspecified before 1.1. | ||||
| CVE-2021-43362 | 1 Meddata | 1 Hbys | 2025-05-20 | 9.9 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MedData HBYS allows SQL Injection.This issue affects HBYS: from unspecified before 1.1. | ||||
| CVE-2022-40944 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2025-05-20 | 9.8 Critical |
| Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via sales-report-ds.php file. | ||||
| CVE-2022-40315 | 2 Fedoraproject, Moodle | 3 Extra Packages For Enterprise Linux, Fedora, Moodle | 2025-05-20 | 9.8 Critical |
| A limited SQL injection risk was identified in the "browse list of users" site administration page. | ||||