Total
15397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-4098 | 1 Qsige | 1 Qsige | 2024-11-21 | N/A | 8.8 HIGH |
| It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. As a prerequisite, it is necessary to log into the application. | |||||
| CVE-2023-4092 | 1 Fujitsu | 1 Arconte Aurea | 2024-11-21 | N/A | 8.8 HIGH |
| SQL injection vulnerability in Arconte Áurea, in its 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to read sensitive data from the database, modify data (insert/update/delete), perform database administration operations and, in some cases, execute commands on the operating system. | |||||
| CVE-2023-4037 | 1 Setelsa-security | 1 Conacwin | 2024-11-21 | N/A | 9.9 CRITICAL |
| Blind SQL injection vulnerability in the Conacwin 3.7.1.2 web interface, the exploitation of which could allow a local attacker to obtain sensitive data stored in the database by sending a specially crafted SQL query to the xml parameter. | |||||
| CVE-2023-4034 | 1 Digitatek | 1 Smartrise Document Management System | 2024-11-21 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Digita Information Technology Smartrise Document Management System allows SQL Injection.This issue affects Smartrise Document Management System: before Hvl-2.0. | |||||
| CVE-2023-49934 | 1 Schedmd | 1 Slurm | 2024-11-21 | N/A | 9.8 CRITICAL |
| An issue was discovered in SchedMD Slurm 23.11.x. There is SQL Injection against the SlurmDBD database. The fixed version is 23.11.1. | |||||
| CVE-2023-49825 | 1 Pencidesign | 1 Soledad | 2024-11-21 | N/A | 8.5 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1. | |||||
| CVE-2023-49776 | 1 Dmry | 1 Sayfa Sayac | 2024-11-21 | N/A | 9.3 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hakan Demiray Sayfa Sayac.This issue affects Sayfa Sayac: from n/a through 2.6. | |||||
| CVE-2023-49764 | 1 Sigmaplugin | 1 Advanced Database Cleaner | 2024-11-21 | N/A | 7.6 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Younes JFR. Advanced Database Cleaner.This issue affects Advanced Database Cleaner: from n/a through 3.1.2. | |||||
| CVE-2023-49752 | 1 Spoonthemes | 1 Adifier | 2024-11-21 | N/A | 9.3 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spoon themes Adifier - Classified Ads WordPress Theme.This issue affects Adifier - Classified Ads WordPress Theme: from n/a before 3.1.4. | |||||
| CVE-2023-49750 | 1 Spoonthemes | 1 Couponis | 2024-11-21 | N/A | 9.3 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spoonthemes Couponis - Affiliate & Submitting Coupons WordPress Theme.This issue affects Couponis - Affiliate & Submitting Coupons WordPress Theme: from n/a before 2.2. | |||||
| CVE-2023-49708 | 1 Joomstar | 1 Starshop | 2024-11-21 | N/A | 9.8 CRITICAL |
| SQLi vulnerability in Starshop component for Joomla. | |||||
| CVE-2023-49707 | 1 Joomlart | 1 S5 Register | 2024-11-21 | N/A | 9.8 CRITICAL |
| SQLi vulnerability in S5 Register module for Joomla. | |||||
| CVE-2023-49689 | 1 Kashipara | 1 Job Portal | 2024-11-21 | N/A | 9.8 CRITICAL |
| Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'JobId' parameter of the Employer/DeleteJob.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49688 | 1 Kashipara | 1 Job Portal | 2024-11-21 | N/A | 9.8 CRITICAL |
| Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtUser' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49681 | 1 Kashipara | 1 Job Portal | 2024-11-21 | N/A | 9.8 CRITICAL |
| Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49677 | 1 Kashipara | 1 Job Portal | 2024-11-21 | N/A | 9.8 CRITICAL |
| Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertJob.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49666 | 1 Kashipara | 1 Billing System | 2024-11-21 | N/A | 9.8 CRITICAL |
| Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'custmer_details' parameter of the submit_material_list.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49665 | 1 Kashipara | 1 Billing Software | 2024-11-21 | N/A | 9.8 CRITICAL |
| Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'quantity[]' parameter of the submit_delivery_list.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49658 | 1 Kashipara | 1 Billing Software | 2024-11-21 | N/A | 9.8 CRITICAL |
| Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'bank_details' parameter of the party_submit.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49639 | 1 Kashipara | 1 Billing Software | 2024-11-21 | N/A | 9.8 CRITICAL |
| Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'customer_details' parameter of the buyer_invoice_submit.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||