Total
16292 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-46189 | 1 Lerouxyxchire | 1 Client Database Management System | 2025-05-22 | N/A | 9.8 CRITICAL |
| SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_order_customer_update.php via the order_id POST parameter. | |||||
| CVE-2025-46190 | 1 Lerouxyxchire | 1 Client Database Management System | 2025-05-22 | N/A | 9.8 CRITICAL |
| SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_delivery_update.php via the order_id POST parameter. | |||||
| CVE-2025-46192 | 1 Lerouxyxchire | 1 Client Database Management System | 2025-05-22 | N/A | 9.8 CRITICAL |
| SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_payment_update.php via the order_id POST parameter. | |||||
| CVE-2020-26630 | 1 Phpgurukul | 1 Hospital Management System | 2025-05-22 | N/A | 4.9 MEDIUM |
| A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a special payload in the 'Doctor Specialization' field under the 'Go to Doctors' tab after logging in as an admin. | |||||
| CVE-2022-40122 | 1 Online Banking System Project | 1 Online Banking System | 2025-05-22 | N/A | 9.8 CRITICAL |
| Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/edit_customer_action.php. | |||||
| CVE-2022-40121 | 1 Online Banking System Project | 1 Online Banking System | 2025-05-22 | N/A | 9.8 CRITICAL |
| Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search parameter at /net-banking/manage_customers.php. | |||||
| CVE-2022-40120 | 1 Online Banking System Project | 1 Online Banking System | 2025-05-22 | N/A | 9.8 CRITICAL |
| Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search_term parameter at /net-banking/customer_transactions.php. | |||||
| CVE-2022-40119 | 1 Online Banking System Project | 1 Online Banking System | 2025-05-22 | N/A | 9.8 CRITICAL |
| Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search_term parameter at /net-banking/transactions.php. | |||||
| CVE-2022-40118 | 1 Online Banking System Project | 1 Online Banking System | 2025-05-22 | N/A | 9.8 CRITICAL |
| Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/send_funds_action.php. | |||||
| CVE-2022-40117 | 1 Online Banking System Project | 1 Online Banking System | 2025-05-22 | N/A | 9.8 CRITICAL |
| Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/delete_customer.php. | |||||
| CVE-2022-40113 | 1 Online Banking System Project | 1 Online Banking System | 2025-05-22 | N/A | 9.8 CRITICAL |
| Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/send_funds.php. | |||||
| CVE-2022-40353 | 1 Online Tours \& Travels Management System Project | 1 Online Tours \& Travels Management System | 2025-05-22 | N/A | 7.2 HIGH |
| Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/up_booking.php. | |||||
| CVE-2022-40352 | 1 Online Tours \& Travels Management System Project | 1 Online Tours \& Travels Management System | 2025-05-22 | N/A | 7.2 HIGH |
| Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_traveller.php. | |||||
| CVE-2022-37209 | 1 Jflyfox | 1 Jfinal Cms | 2025-05-22 | N/A | 8.8 HIGH |
| JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection. | |||||
| CVE-2022-31367 | 1 Strapi | 1 Strapi | 2025-05-22 | N/A | 8.8 HIGH |
| Strapi before 3.6.10 and 4.x before 4.1.10 mishandles hidden attributes within admin API responses. | |||||
| CVE-2025-4785 | 1 Phpgurukul | 1 Daily Expense Tracker System | 2025-05-21 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /user-profile.php. The manipulation of the argument fullname/contactnumber leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4793 | 1 Phpgurukul | 1 Online Course Registration | 2025-05-21 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in PHPGurukul Online Course Registration 3.1. It has been classified as critical. Affected is an unknown function of the file /edit-student-profile.php. The manipulation of the argument cgpa leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4794 | 1 Phpgurukul | 1 Online Course Registration | 2025-05-21 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in PHPGurukul Online Course Registration 3.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /news.php. The manipulation of the argument newstitle leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4808 | 1 Phpgurukul | 1 Park Ticketing Management System | 2025-05-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0 and classified as critical. This issue affects some unknown processing of the file /add-normal-ticket.php. The manipulation of the argument noadult/nochildren/aprice/cprice leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | |||||
| CVE-2025-4772 | 1 Phpgurukul | 1 Online Course Registration | 2025-05-21 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in PHPGurukul Online Course Registration 3.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/department.php. The manipulation of the argument department leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||