Total
14138 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-5926 | 1 Simple Student Information System Project | 1 Simple Student Information System | 2025-02-27 | 5.5 Medium |
| A vulnerability, which was classified as critical, was found in Campcodes Simple Student Information System 1.0. Affected is an unknown function of the file /admin/students/update_status.php. The manipulation of the argument student_id leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-244326 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-5927 | 1 Simple Student Information System Project | 1 Simple Student Information System | 2025-02-27 | 5.5 Medium |
| A vulnerability has been found in Campcodes Simple Student Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/courses/manage_course.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-244327. | ||||
| CVE-2023-5928 | 1 Simple Student Information System Project | 1 Simple Student Information System | 2025-02-27 | 5.5 Medium |
| A vulnerability was found in Campcodes Simple Student Information System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/departments/manage_department.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-244328. | ||||
| CVE-2023-5929 | 1 Simple Student Information System Project | 1 Simple Student Information System | 2025-02-27 | 5.5 Medium |
| A vulnerability was found in Campcodes Simple Student Information System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/students/manage_academic.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-244329 was assigned to this vulnerability. | ||||
| CVE-2024-3221 | 2025-02-27 | 6.3 Medium | ||
| A vulnerability classified as critical was found in SourceCodester PHP Task Management System 1.0. This vulnerability affects unknown code of the file attendance-info.php. The manipulation of the argument user_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259066 is the identifier assigned to this vulnerability. | ||||
| CVE-2024-3256 | 1 Chatikobo | 1 Internship Portal Management System | 2025-02-27 | 6.3 Medium |
| A vulnerability has been found in SourceCodester Internship Portal Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin/edit_activity.php. The manipulation of the argument activity_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259105 was assigned to this vulnerability. | ||||
| CVE-2024-3347 | 2 Sanchitkmr, Sourcecodester | 2 Airline Ticket Reservation System, Airline Ticket Reservation System | 2025-02-27 | 7.3 High |
| A vulnerability was found in SourceCodester Airline Ticket Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file activate_jet_details_form_handler.php. The manipulation of the argument jet_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259451. | ||||
| CVE-2024-3353 | 1 Sourcecodester | 1 Aplaya Beach Resort Online Reservation System | 2025-02-27 | 7.3 High |
| A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0 and classified as critical. This issue affects some unknown processing of the file admin/mod_reports/index.php. The manipulation of the argument categ/end leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259457 was assigned to this vulnerability. | ||||
| CVE-2023-1357 | 1 Simple Bakery Shop Management System Project | 1 Simple Bakery Shop Management System | 2025-02-27 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in SourceCodester Simple Bakery Shop Management System 1.0. Affected by this issue is some unknown functionality of the component Admin Login. The manipulation of the argument username/password with the input admin' or 1=1 -- leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222860. | ||||
| CVE-2023-1360 | 1 Employee Payslip Generator System Project | 1 Employee Payslip Generator System | 2025-02-27 | 4.7 Medium |
| A vulnerability was found in SourceCodester Employee Payslip Generator with Sending Mail 1.2.0 and classified as critical. This issue affects some unknown processing of the file classes/Users.php?f=save of the component New User Creation. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222863. | ||||
| CVE-2023-1361 | 1 Bumsys Project | 1 Bumsys | 2025-02-27 | 6.5 Medium |
| SQL Injection in GitHub repository unilogies/bumsys prior to v2.0.2. | ||||
| CVE-2023-1368 | 1 Xhcms Project | 1 Xhcms | 2025-02-27 | 7.3 High |
| A vulnerability was found in XHCMS 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php of the component POST Parameter Handler. The manipulation of the argument user leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-222874 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-27463 | 1 Siemens | 1 Ruggedcom Crossbow | 2025-02-27 | 8.8 High |
| A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The audit log form of affected applications is vulnerable to SQL injection. This could allow authenticated remote attackers to execute arbitrary SQL queries on the server database. | ||||
| CVE-2023-25615 | 1 Sap | 1 Abap Platform | 2025-02-27 | 6.8 Medium |
| Due to insufficient input sanitization, SAP ABAP - versions 751, 753, 753, 754, 756, 757, 791, allows an authenticated high privileged user to alter the current session of the user by injecting the malicious database queries over the network and gain access to the unintended data. This may lead to a high impact on the confidentiality and no impact on the availability and integrity of the application. | ||||
| CVE-2024-3226 | 1 Campcodes | 1 Online Patient Record Management System | 2025-02-27 | 7.3 High |
| A vulnerability was found in Campcodes Online Patient Record Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/login.php. The manipulation of the argument password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259071. | ||||
| CVE-2023-26905 | 1 Alphaware - Simple E-commerce System Project | 1 Alphaware - Simple E-commerce System | 2025-02-27 | 9.8 Critical |
| An issue was discovered in Alphaware - Simple E-Commerce System v1.0. There is a SQL injection that can directly issue instructions to the background database system via /alphaware/details.php?id. | ||||
| CVE-2023-25206 | 1 Prestashop | 1 Advanced Reviews | 2025-02-27 | 8.8 High |
| PrestaShop ws_productreviews < 3.6.2 is vulnerable to SQL Injection. | ||||
| CVE-2024-13148 | 2025-02-27 | 9.8 Critical | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yukseloglu Filter B2B Login Platform allows SQL Injection.This issue affects B2B Login Platform: before 16.01.2025. | ||||
| CVE-2024-30478 | 1 Rocksolidplugins | 1 Bulletin | 2025-02-27 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bulletin WordPress Announcement & Notification Banner Plugin – Bulletin.This issue affects WordPress Announcement & Notification Banner Plugin – Bulletin: from n/a through 3.8.5. | ||||
| CVE-2024-25574 | 1 Deltaww | 1 Diaenergie | 2025-02-27 | 8.8 High |
| SQL injection vulnerability exists in GetDIAE_usListParameters. | ||||