Export limit exceeded: 18886 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18886 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-5225 | 1 Campcodes | 1 Advanced Online Voting System | 2025-05-28 | 7.3 High |
| A vulnerability, which was classified as critical, was found in Campcodes Advanced Online Voting System 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument voter leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-5229 | 1 Campcodes | 1 Online Hospital Management System | 2025-05-28 | 7.3 High |
| A vulnerability was found in Campcodes Online Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/view-patient.php. The manipulation of the argument viewid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-5246 | 1 Campcodes | 1 Online Hospital Management System | 2025-05-28 | 7.3 High |
| A vulnerability classified as critical was found in Campcodes Online Hospital Management System 1.0. This vulnerability affects unknown code of the file /hms/admin/query-details.php. The manipulation of the argument adminremark leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-5298 | 1 Campcodes | 1 Online Hospital Management System | 2025-05-28 | 7.3 High |
| A vulnerability, which was classified as critical, was found in Campcodes Online Hospital Management System 1.0. Affected is an unknown function of the file /admin/betweendates-detailsreports.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-12964 | 1 1000projects | 1 Daily College Class Work Report Book | 2025-05-28 | 7.3 High |
| A vulnerability was found in 1000 Projects Daily College Class Work Report Book 1.0. It has been classified as critical. This affects an unknown part of the file /login.php. The manipulation of the argument user leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-48814 | 1 Silverpeas | 1 Silverpeas | 2025-05-28 | 7.5 High |
| SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive information via the ViewType parameter of the findbywhereclause function | ||||
| CVE-2024-35409 | 1 Webidsupport | 1 Webid | 2025-05-28 | 9.8 Critical |
| WeBid 1.1.2 is vulnerable to SQL Injection via admin/tax.php. | ||||
| CVE-2025-3242 | 1 Phpgurukul | 1 E-diary Management System | 2025-05-28 | 6.3 Medium |
| A vulnerability has been found in PHPGurukul e-Diary Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /search-result.php. The manipulation of the argument id/searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3211 | 1 Fabianros | 1 Patient Record Management System | 2025-05-28 | 6.3 Medium |
| A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /birthing_print.php. The manipulation of the argument itr_no/birth_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-25775 | 1 Codeastro | 1 Bus Ticket Booking System | 2025-05-28 | 9.8 Critical |
| Codeastro Bus Ticket Booking System v1.0 is vulnerable to SQL injection via the kodetiket parameter in /BusTicket-CI/tiket/cekorder. | ||||
| CVE-2024-25168 | 1 Dingflow | 1 Snow | 2025-05-28 | 6.3 Medium |
| SQL injection vulnerability in snow snow v.2.0.0 allows a remote attacker to execute arbitrary code via the dataScope parameter of the system/role/list interface. | ||||
| CVE-2024-28559 | 1 Niushop | 1 B2b2c Multi-business | 2025-05-28 | 8.8 High |
| SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the setPrice() function of the Goodsbatchset.php component. | ||||
| CVE-2024-28560 | 1 Niushop | 1 B2b2c Multi-business | 2025-05-28 | 5.4 Medium |
| SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the deleteArea() function of the Address.php component. | ||||
| CVE-2023-41504 | 1 Code-projects | 1 Student Enrollment | 2025-05-28 | 8.8 High |
| SQL Injection vulnerability in Student Enrollment In PHP 1.0 allows attackers to run arbitrary code via the Student Search function. | ||||
| CVE-2025-2847 | 1 Codezips | 1 Gym Management System | 2025-05-28 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. This issue affects some unknown processing of the file /dashboard/admin/over_month.php. The manipulation of the argument mm leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-2812 | 1 Mydata | 1 Ticket Sales Automation | 2025-05-28 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mydata Informatics Ticket Sales Automation allows Blind SQL Injection.This issue affects Ticket Sales Automation: before 03.04.2025 (DD.MM.YYYY). | ||||
| CVE-2024-57768 | 1 Jfinaloa Project | 1 Jfinaloa | 2025-05-28 | 9.8 Critical |
| JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the component validRoleKey?sysRole.key. | ||||
| CVE-2025-3309 | 1 Adonesevangelista | 1 Online Blood Bank Management System | 2025-05-28 | 7.3 High |
| A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/campsdetails.php. The manipulation of the argument hospital leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3310 | 1 Adonesevangelista | 1 Online Blood Bank Management System | 2025-05-28 | 7.3 High |
| A vulnerability classified as critical has been found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the file /admin/delete.php. The manipulation of the argument Search leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-50706 | 1 Uniguest | 1 Tripleplay | 2025-05-28 | 9.8 Critical |
| Unauthenticated SQL injection vulnerability in Uniguest Tripleplay version 23.1+ allows remote attackers to execute arbitrary SQL queries on the backend database. | ||||