Export limit exceeded: 18842 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18842 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-25462 | 1 Phpgurukul | 1 Land Record System | 2025-03-28 | 5.5 Medium |
| A SQL Injection vulnerability was found in /admin/add-propertytype.php in PHPGurukul Land Record System Project in PHP v1.0 allows remote attackers to execute arbitrary code via the propertytype POST request parameter. | ||||
| CVE-2025-28011 | 1 Phpgurukul | 1 User Registration \& Login And User Management System | 2025-03-28 | 6.1 Medium |
| A SQL Injection was found in loginsystem/change-password.php in PHPGurukul User Registration & Login and User Management System v3.3 allows remote attackers to execute arbitrary code via the currentpassword POST request parameter. | ||||
| CVE-2025-27103 | 1 Dataease | 1 Dataease | 2025-03-28 | 6.5 Medium |
| DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, a bypass for the patch for CVE-2024-55953 allows authenticated users to read and deserialize arbitrary files through the background JDBC connection. The vulnerability has been fixed in v2.10.6. No known workarounds are available. | ||||
| CVE-2025-25389 | 1 Phpgurukul | 1 Land Record System | 2025-03-28 | 9.8 Critical |
| A SQL Injection vulnerability was found in /admin/forgot-password.php in Phpgurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter. | ||||
| CVE-2025-25876 | 1 Angeljudesuarez | 1 Simple Chatbox | 2025-03-28 | 7.2 High |
| A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /delete.php. The attack can use SQL injection to obtain sensitive data. | ||||
| CVE-2025-25875 | 1 Angeljudesuarez | 1 Simple Chatbox | 2025-03-28 | 6.4 Medium |
| A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /message.php. The attack can use SQL injection to obtain sensitive data. | ||||
| CVE-2025-25388 | 1 Phpgurukul | 1 Land Record System | 2025-03-28 | 9.8 Critical |
| A SQL Injection vulnerability was found in /admin/edit-propertytype.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the editid GET request parameter. | ||||
| CVE-2025-25387 | 1 Phpgurukul | 1 Land Record System | 2025-03-28 | 7.2 High |
| A SQL Injection vulnerability was found in /admin/manage-propertytype.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the propertytype POST request parameter. | ||||
| CVE-2022-46499 | 2 Codeastro, Phpgurukul | 2 Hospital Management System, Hospital Management System | 2025-03-28 | 8.8 High |
| Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the pat_number parameter at his_admin_view_single_patient.php. | ||||
| CVE-2022-46498 | 2 Codeastro, Phpgurukul | 2 Hospital Management System, Hospital Management System | 2025-03-28 | 2.7 Low |
| Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the doc_number parameter at his_admin_view_single_employee.php. | ||||
| CVE-2022-46497 | 2 Codeastro, Phpgurukul | 2 Hospital Management System, Hospital Management System | 2025-03-28 | 8.1 High |
| Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the pat_number parameter at his_doc_view_single_patien.php. | ||||
| CVE-2022-48011 | 1 Opencats | 1 Opencats | 2025-03-28 | 9.8 Critical |
| Opencats v0.9.7 was discovered to contain a SQL injection vulnerability via the importID parameter in the Import viewerrors function. | ||||
| CVE-2025-25514 | 1 Seacms | 1 Seacms | 2025-03-28 | 6.5 Medium |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_collect_news.php. | ||||
| CVE-2025-25515 | 1 Seacms | 1 Seacms | 2025-03-28 | 8.8 High |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_collect.php that allows an authenticated attacker to exploit the database. | ||||
| CVE-2025-25516 | 1 Seacms | 1 Seacms | 2025-03-28 | 9.8 Critical |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_paylog.php. | ||||
| CVE-2025-25517 | 1 Seacms | 1 Seacms | 2025-03-28 | 9.8 Critical |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_reslib.php. | ||||
| CVE-2025-25519 | 1 Seacms | 1 Seacms | 2025-03-28 | 9.8 Critical |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_zyk.php. | ||||
| CVE-2025-25520 | 1 Seacms | 1 Seacms | 2025-03-28 | 9.8 Critical |
| Seacms <13.3 is vulnerable to SQL Injection in admin_pay.php. | ||||
| CVE-2025-25521 | 1 Seacms | 1 Seacms | 2025-03-28 | 9.8 Critical |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_type_news.php. | ||||
| CVE-2024-29275 | 1 Seacms | 1 Seacms | 2025-03-28 | 9.8 Critical |
| SQL injection vulnerability in SeaCMS version 12.9, allows remote unauthenticated attackers to execute arbitrary code and obtain sensitive information via the id parameter in class.php. | ||||