Export limit exceeded: 18764 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18764 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-43328 | 1 Canteen Management System Project | 1 Canteen Management System | 2025-05-02 | 7.2 High |
| Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /editorder.php. | ||||
| CVE-2022-43226 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2025-05-02 | 8.8 High |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms/?page=appointments/view_appointment. | ||||
| CVE-2022-43068 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2025-05-02 | 7.2 High |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_reservation. | ||||
| CVE-2022-43066 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2025-05-02 | 7.2 High |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms/classes/Master.php?f=delete_message. | ||||
| CVE-2022-41551 | 1 Garage Management System Project | 1 Garage Management System | 2025-05-02 | 7.2 High |
| Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /garage/editorder.php. | ||||
| CVE-2020-36084 | 1 Jkev | 1 Responsive E-learning System | 2025-05-02 | 9.8 Critical |
| SQL Injection vulnerability in SourceCodester Responsive E-Learning System 1.0 allows remote attackers to inject sql query in /elearning/delete_teacher_students.php?id= parameter via id field. | ||||
| CVE-2025-22928 | 1 Os4ed | 1 Opensis | 2025-05-02 | 9.8 Critical |
| OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the cp_id parameter at /modules/messages/Inbox.php. | ||||
| CVE-2024-55496 | 1 1000projects | 1 Bookstore Management System | 2025-05-02 | 9.1 Critical |
| A vulnerability has been found in the 1000projects Bookstore Management System PHP MySQL Project 1.0. This issue affects some unknown functionality of add_company.php. Actions on the delete parameter result in SQL injection. | ||||
| CVE-2024-48580 | 2 Mayurik, Php | 2 Best Courier Management System, Best Courier Management System | 2025-05-02 | 9.8 Critical |
| SQL Injection vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary code via the email parameter of the login request. | ||||
| CVE-2024-48259 | 1 Magicbug | 1 Cloudlog | 2025-05-02 | 7.3 High |
| Cloudlog 2.6.15 allows Oqrs.php request_form SQL injection via station_id or callsign. | ||||
| CVE-2024-24407 | 1 Mayurik | 1 Best Courier Management System | 2025-05-02 | 5.3 Medium |
| SQL Injection vulnerability in Best Courier management system v.1.0 allows a remote attacker to obtain sensitive information via print_pdets.php component. | ||||
| CVE-2024-22983 | 1 Projectworlds | 2 Visitor Management System, Visitor Management System In Php | 2025-05-02 | 8.1 High |
| SQL injection vulnerability in Projectworlds Visitor Management System in PHP v.1.0 allows a remote attacker to escalate privileges via the name parameter in the myform.php endpoint. | ||||
| CVE-2025-25992 | 1 Feminer Wms Project | 1 Feminer Wms | 2025-05-02 | 5.1 Medium |
| SQL Injection vulnerability in FeMiner wms 1.0 allows a remote attacker to obtain sensitive information via the inquire_inout_item.php component. | ||||
| CVE-2025-25993 | 1 Feminer Wms Project | 1 Feminer Wms | 2025-05-02 | 5.1 Medium |
| SQL Injection vulnerability in FeMiner wms wms 1.0 allows a remote attacker to obtain sensitive information via the parameter "itemid." | ||||
| CVE-2025-25994 | 1 Feminer Wms Project | 1 Feminer Wms | 2025-05-02 | 7.5 High |
| SQL Injection vulnerability in FeMiner wms wms 1.0 allows a remote attacker to obtain sensitive information via the parameters date1, date2, id. | ||||
| CVE-2022-41259 | 1 Sap | 1 Sql Anywhere | 2025-05-02 | 6.5 Medium |
| SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use an ARRAY constructor. | ||||
| CVE-2022-43227 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2025-05-02 | 7.2 High |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms/admin/?page=appointments/view_appointment. | ||||
| CVE-2022-3494 | 1 Really-simple-plugins | 1 Complianz | 2025-05-01 | 8.8 High |
| The Complianz WordPress plugin before 6.3.4, and Complianz Premium WordPress plugin before 6.3.6 allow a translators to inject arbitrary SQL through an unsanitized translation. SQL can be injected through an infected translation file, or by a user with a translator role through translation plugins such as Loco Translate or WPML. | ||||
| CVE-2022-3481 | 1 Opmc | 1 Woocommerce Dropshipping | 2025-05-01 | 9.8 Critical |
| The WooCommerce Dropshipping WordPress plugin before 4.4 does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, leading to a SQL injection | ||||
| CVE-2022-41671 | 1 Schneider-electric | 2 Ecostruxure Operator Terminal Expert, Pro-face Blue | 2025-05-01 | 7 High |
| A CWE-89: Improper Neutralization of Special Elements used in SQL Command (‘SQL Injection’) vulnerability exists that allows adversaries with local user privileges to craft a malicious SQL query and execute as part of project migration which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior). | ||||