Export limit exceeded: 18760 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18760 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-4060 | 1 Anujk305 | 1 Notice Board System | 2025-05-09 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0. This issue affects some unknown processing of the file /category.php. The manipulation of the argument catname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-24142 | 1 Rems | 1 School Task Manager | 2025-05-09 | 9.8 Critical |
| Sourcecodester School Task Manager 1.0 allows SQL Injection via the 'subject' parameter. | ||||
| CVE-2022-3302 | 1 Cleantalk | 1 Spam Protection\, Antispam\, Firewall | 2025-05-09 | 7.2 High |
| The Spam protection, AntiSpam, FireWall by CleanTalk WordPress plugin before 5.185.1 does not validate ids before using them in a SQL statement, which could lead to SQL injection exploitable by high privilege users such as admin | ||||
| CVE-2022-3300 | 1 10web | 1 Form Maker | 2025-05-09 | 7.2 High |
| The Form Maker by 10Web WordPress plugin before 1.15.6 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin | ||||
| CVE-2024-0362 | 1 Phpgurukul | 1 Hospital Management System | 2025-05-09 | 5.5 Medium |
| A vulnerability classified as critical was found in PHPGurukul Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/change-password.php. The manipulation of the argument cpass leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-250129 was assigned to this vulnerability. | ||||
| CVE-2024-0389 | 1 Student Attendance System Project | 1 Student Attendance System | 2025-05-09 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in SourceCodester Student Attendance System 1.0. Affected is an unknown function of the file attendance_report.php. The manipulation of the argument class_id leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-250230 is the identifier assigned to this vulnerability. | ||||
| CVE-2024-23810 | 1 Siemens | 1 Sinec Nms | 2025-05-09 | 8.8 High |
| A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application is vulnerable to SQL injection. This could allow an unauthenticated remote attacker to execute arbitrary SQL queries on the server database. | ||||
| CVE-2022-39056 | 1 Changingtec | 1 Rava Certificate Validation System | 2025-05-09 | 9.8 Critical |
| RAVA certificate validation system has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL command to access, modify and delete database. | ||||
| CVE-2024-39841 | 1 Centreon | 1 Centreon Web | 2025-05-09 | 8.8 High |
| A SQL Injection vulnerability exists in the service configuration functionality in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23. | ||||
| CVE-2024-33854 | 1 Centreon | 1 Centreon Web | 2025-05-09 | 9.1 Critical |
| A SQL Injection vulnerability exists in the Graph Template component in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23. | ||||
| CVE-2024-33853 | 1 Centreon | 1 Centreon Web | 2025-05-09 | 9.1 Critical |
| A SQL Injection vulnerability exists in the Timeperiod component in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23. | ||||
| CVE-2024-33852 | 1 Centreon | 1 Centreon Web | 2025-05-09 | 9.1 Critical |
| A SQL Injection vulnerability exists in the Downtime component in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23. | ||||
| CVE-2024-32501 | 1 Centreon | 2 Centreon, Centreon Web | 2025-05-09 | 9.8 Critical |
| A SQL Injection vulnerability exists in the updateServiceHost functionality in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23. | ||||
| CVE-2025-4073 | 1 Phpgurukul | 1 Student Record System | 2025-05-09 | 7.3 High |
| A vulnerability was found in PHPGurukul Student Record System 3.20. It has been classified as critical. Affected is an unknown function of the file /change-password.php. The manipulation of the argument currentpassword leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4072 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2025-05-09 | 6.3 Medium |
| A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/edit-nurse.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Multiple parameters might be affected. | ||||
| CVE-2025-4071 | 1 Phpgurukul | 1 Covid19 Testing Management System | 2025-05-09 | 7.3 High |
| A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /test-details.php. The manipulation of the argument Status leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4070 | 1 Phpgurukul | 1 Rail Pass Management System | 2025-05-09 | 7.3 High |
| A vulnerability, which was classified as critical, was found in PHPGurukul Rail Pass Management System 1.0. This affects an unknown part of the file /admin/changeimage.php. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4074 | 1 Phpgurukul | 1 Curfew E-pass Management System | 2025-05-09 | 7.3 High |
| A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/pass-bwdates-report.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-45020 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-05-09 | 7.2 High |
| A SQL Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the todate parameter in a POST request. | ||||
| CVE-2025-45017 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-05-09 | 9.8 Critical |
| A SQL injection vulnerability was discovered in edit-ticket.php of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the tprice POST request parameter. | ||||