Total
14138 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-4906 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-02-20 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /view/show_student1.php. The manipulation of the argument grade leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-264441 was assigned to this vulnerability. | ||||
| CVE-2025-1206 | 1 Codezips | 1 Gym Management System | 2025-02-20 | 6.3 Medium |
| A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. This affects an unknown part of the file /dashboard/admin/viewdetailroutine.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2021-44779 | 1 \[gwa\] Autoresponder Project | 1 \[gwa\] Autoresponder | 2025-02-20 | 7.3 High |
| Unauthenticated SQL Injection (SQLi) vulnerability discovered in [GWA] AutoResponder WordPress plugin (versions <= 2.3), vulnerable at (&listid). No patched version available, plugin closed. | ||||
| CVE-2022-25607 | 1 Foliovision | 1 Fv Flowplayer Video Player | 2025-02-20 | 6.6 Medium |
| Authenticated (author or higher user role) SQL Injection (SQLi) vulnerability discovered in FV Flowplayer Video Player WordPress plugin (versions <= 7.5.15.727). | ||||
| CVE-2022-29419 | 1 3xsocializer Project | 1 3xsocializer | 2025-02-20 | 6 Medium |
| SQL Injection (SQLi) vulnerability in Don Crowther's 3xSocializer plugin <= 0.98.22 at WordPress possible for users with a low role like a subscriber or higher. | ||||
| CVE-2022-29410 | 1 Hermit Project | 1 Hermit | 2025-02-20 | 7.4 High |
| Authenticated SQL Injection (SQLi) vulnerability in Mufeng's Hermit 音乐播放器 plugin <= 3.1.6 on WordPress allows attackers with Subscriber or higher user roles to execute SQLi attack via (&ids). | ||||
| CVE-2022-29411 | 1 Hermit Project | 1 Hermit | 2025-02-20 | 8.3 High |
| SQL Injection (SQLi) vulnerability in Mufeng's Hermit 音乐播放器 plugin <= 3.1.6 on WordPress allows attackers to execute SQLi attack via (&id). | ||||
| CVE-2022-33960 | 1 Supsystic | 1 Social Share Buttons | 2025-02-20 | 8.5 High |
| Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress. | ||||
| CVE-2022-30998 | 1 Homepage Product Organizer For Woocommerce Project | 1 Homepage Product Organizer For Woocommerce | 2025-02-20 | 9.1 Critical |
| Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co's Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress. | ||||
| CVE-2024-54960 | 2025-02-20 | 6.5 Medium | ||
| A SQL Injection vulnerability in Nagios XI 2024R1.2.2 allows a remote attacker to execute SQL injection via a crafted payload in the History Tab component. | ||||
| CVE-2022-42497 | 1 Api2cart | 1 Api2cart Bridge Connector | 2025-02-20 | 10 Critical |
| Arbitrary Code Execution vulnerability in Api2Cart Bridge Connector plugin <= 1.1.0 on WordPress. | ||||
| CVE-2022-33965 | 1 Plugins-market | 1 Wp Visitor Statistics | 2025-02-20 | 9.3 Critical |
| Multiple Unauthenticated SQL Injection (SQLi) vulnerabilities in Osamaesh WP Visitor Statistics plugin <= 5.7 at WordPress. | ||||
| CVE-2022-36394 | 1 Contest-gallery | 1 Contest Gallery | 2025-02-20 | 7.6 High |
| Authenticated (author+) SQL Injection (SQLi) vulnerability in Contest Gallery plugin <= 17.0.4 at WordPress. | ||||
| CVE-2021-36898 | 1 Expresstech | 1 Quiz And Survey Master | 2025-02-20 | 9.1 Critical |
| Auth. SQL Injection (SQLi) vulnerability in Quiz And Survey Master plugin <= 7.3.4 on WordPress. | ||||
| CVE-2022-45822 | 1 Elbtide | 1 Advanced Booking Calendar | 2025-02-20 | 10 Critical |
| Unauth. SQL Injection (SQLi) vulnerability in Advanced Booking Calendar plugin <= 1.7.1 on WordPress. | ||||
| CVE-2022-44588 | 1 Blocksera | 1 Cryptocurrency Widgets Pack | 2025-02-20 | 9.9 Critical |
| Unauth. SQL Injection vulnerability in Cryptocurrency Widgets Pack Plugin <=1.8.1 on WordPress. | ||||
| CVE-2024-2916 | 1 Campcodes | 1 House Rental Management System | 2025-02-20 | 7.3 High |
| A vulnerability was found in Campcodes House Rental Management System 1.0. It has been classified as critical. Affected is an unknown function of the file ajax.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257982 is the identifier assigned to this vulnerability. | ||||
| CVE-2024-2927 | 1 Anisha | 1 Mobile Shop | 2025-02-20 | 7.3 High |
| A vulnerability was found in code-projects Mobile Shop 1.0. It has been classified as critical. Affected is an unknown function of the file Details.php of the component Login Page. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258000. | ||||
| CVE-2024-2938 | 1 Campcodes | 1 Online Examination System | 2025-02-20 | 6.3 Medium |
| A vulnerability was found in Campcodes Online Examination System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /adminpanel/admin/facebox_modal/updateCourse.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258029 was assigned to this vulnerability. | ||||
| CVE-2023-50847 | 1 Welcart | 1 Welcart E-commerce | 2025-02-20 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Collne Inc. Welcart e-Commerce.This issue affects Welcart e-Commerce: from n/a through 2.9.3. | ||||