Export limit exceeded: 18760 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18760 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-8497 | 2 Anisha, Code-projects | 2 Online Medicine Guide, Online Medicine Guide | 2025-09-29 | 7.3 High |
| A weakness has been identified in code-projects Online Medicine Guide 1.0. This affects an unknown part of the file /cusfindphar2.php. This manipulation of the argument Search causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. | ||||
| CVE-2025-5078 | 2 Campcodes, Phpgurukul | 2 Online Shopping Portal, Online Shopping Portal | 2025-09-29 | 7.3 High |
| A vulnerability was detected in PHPGurukul/Campcodes Online Shopping Portal 1.0. Affected is an unknown function of the file /admin/subcategory.php. Performing manipulation of the argument Category results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. | ||||
| CVE-2025-5079 | 2 Campcodes, Phpgurukul | 2 Online Shopping Portal, Online Shopping Portal | 2025-09-29 | 7.3 High |
| A flaw has been found in PHPGurukul/Campcodes Online Shopping Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/updateorder.php. Executing manipulation of the argument remark can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. | ||||
| CVE-2025-7610 | 2 Anisha, Code-projects | 2 Electricity Billing System, Electricity Billing System | 2025-09-29 | 7.3 High |
| A vulnerability was found in code-projects Electricity Billing System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user/change_password.php. The manipulation of the argument new_password leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7594 | 1 Anisha | 1 Job Diary | 2025-09-29 | 7.3 High |
| A vulnerability was found in code-projects Job Diary 1.0. It has been classified as critical. This affects an unknown part of the file /view-emp.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7593 | 1 Anisha | 1 Job Diary | 2025-09-29 | 7.3 High |
| A vulnerability was found in code-projects Job Diary 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view-all.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7559 | 1 Phpgurukul | 1 Online Fire Reporting System | 2025-09-29 | 6.3 Medium |
| A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been classified as critical. This affects an unknown part of the file /admin/bwdates-report-result.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-7221 | 1 Oretnom23 | 1 School Log Management System | 2025-09-29 | 6.3 Medium |
| A vulnerability was determined in SourceCodester/Campcodes School Log Management System 1.0. This affects an unknown part of the file /admin/manage_user.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2024-7220 | 2 Oretnom23, Sourcecodester | 2 School Log Management System, School Log Management System | 2025-09-29 | 6.3 Medium |
| A vulnerability was found in SourceCodester/Campcodes School Log Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/print_barcode.php. The manipulation of the argument tbl results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. | ||||
| CVE-2024-7219 | 2 Oretnom23, Sourcecodester | 2 School Log Management System, School Log Management System | 2025-09-29 | 7.3 High |
| A vulnerability has been found in SourceCodester/Campcodes School Log Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-57606 | 1 Guojusoft | 1 Jeecgboot | 2025-09-29 | 7.5 High |
| SQL injection vulnerability in Beijing Guoju Information Technology Co., Ltd JeecgBoot v.3.7.2 allows a remote attacker to obtain sensitive information via the getTotalData component. | ||||
| CVE-2024-54761 | 1 Bigantsoft | 1 Bigant Office Messenger 5 | 2025-09-29 | 6.3 Medium |
| BigAnt Office Messenger 5.6.06 is vulnerable to SQL Injection via the 'dev_code' parameter. | ||||
| CVE-2025-3231 | 1 Phpgurukul | 1 Zoo Management System | 2025-09-27 | 7.3 High |
| A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been rated as critical. This issue affects some unknown processing of the file /aboutus.php. The manipulation of the argument pagetitle/pagedes leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-3767 | 1 Phpgurukul | 2 News Portal, News Portal Project | 2025-09-27 | 6.3 Medium |
| A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. This vulnerability affects unknown code of the file /admin/edit-post.php. The manipulation of the argument posttitle/category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3173 | 1 Projectworlds | 1 Online Lawyer Management System | 2025-09-27 | 7.3 High |
| A vulnerability, which was classified as critical, was found in Project Worlds Online Lawyer Management System 1.0. Affected is an unknown function of the file /save_booking.php. The manipulation of the argument lawyer_id/description leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4331 | 1 Senior-walter | 1 Online Student Clearance System | 2025-09-27 | 7.3 High |
| A vulnerability classified as critical was found in SourceCodester Online Student Clearance System 1.0. This vulnerability affects unknown code of the file /Admin/login.php. The manipulation of the argument id/username/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-1061 | 1 Doctors Appointment System Project | 1 Doctors Appointment System | 2025-09-27 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in SourceCodester Doctors Appointment System 1.0. This issue affects some unknown processing of the file /admin/edit-doc.php. The manipulation of the argument email/oldmail leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-1059 | 1 Doctors Appointment System Project | 1 Doctors Appointment System | 2025-09-27 | 6.3 Medium |
| A vulnerability classified as critical was found in SourceCodester Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/doctors.php of the component Parameter Handler. The manipulation of the argument search/id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-0296 | 1 Code-projects | 1 Online Book Shop | 2025-09-27 | 6.3 Medium |
| A vulnerability was found in code-projects Online Book Shop 1.0. It has been classified as critical. This affects an unknown part of the file /booklist.php. The manipulation of the argument subcatid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4191 | 1 Phpgurukul | 1 Employee Record Management System | 2025-09-27 | 7.3 High |
| A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /editmyeducation.php. The manipulation of the argument coursepg/yophsc leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | ||||