Total
14947 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-52431 | 1 Pressaholic | 1 Wordpress Video Robot | 2024-11-20 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pressaholic WordPress Video Robot - The Ultimate Video Importer allows SQL Injection.This issue affects WordPress Video Robot - The Ultimate Video Importer: from n/a through 1.20.0. | |||||
| CVE-2024-52436 | 1 Wpexperts | 1 Post Smtp | 2024-11-20 | N/A | 7.2 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Post SMTP allows Blind SQL Injection.This issue affects Post SMTP: from n/a through 2.9.9. | |||||
| CVE-2024-41679 | 1 Glpi-project | 1 Glpi | 2024-11-20 | N/A | 8.8 HIGH |
| GLPI is a free asset and IT management software package. An authenticated user can exploit a SQL injection vulnerability from the ticket form. Upgrade to 10.0.17. | |||||
| CVE-2024-45608 | 1 Glpi-project | 1 Glpi | 2024-11-20 | N/A | 8.8 HIGH |
| GLPI is a free asset and IT management software package. An authenticated user can perfom a SQL injection by changing its preferences. Upgrade to 10.0.17. | |||||
| CVE-2024-11244 | 1 Anisha | 1 Farmacia | 2024-11-20 | 6.5 MEDIUM | 9.8 CRITICAL |
| A vulnerability classified as critical was found in code-projects Farmacia 1.0. This vulnerability affects unknown code of the file /editar-cliente.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-11245 | 1 Anisha | 1 Farmacia | 2024-11-20 | 6.5 MEDIUM | 7.5 HIGH |
| A vulnerability, which was classified as critical, has been found in code-projects Farmacia 1.0. This issue affects some unknown processing of the file /editar-produto.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-11256 | 1 1000projects | 1 Portfolio Management System Mca | 2024-11-19 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. This issue affects some unknown processing of the file /login.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-11257 | 1 1000projects | 1 Beauty Parlour Management System | 2024-11-19 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in 1000 Projects Beauty Parlour Management System 1.0. This affects an unknown part of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-11258 | 1 1000projects | 1 Beauty Parlour Management System | 2024-11-19 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability classified as critical was found in 1000 Projects Beauty Parlour Management System 1.0. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-44546 | 2024-11-19 | N/A | 9.8 CRITICAL | ||
| Powerjob >= 3.20 is vulnerable to SQL injection via the version parameter. | |||||
| CVE-2024-11213 | 1 Mayurik | 1 Best Employee Management System | 2024-11-19 | 5.8 MEDIUM | 7.2 HIGH |
| A vulnerability, which was classified as critical, was found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /admin/edit_role.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-11212 | 1 Mayurik | 1 Best Employee Management System | 2024-11-19 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in SourceCodester Best Employee Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/fetch_product_details.php. The manipulation of the argument barcode leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-50972 | 1 Angeljudesuarez | 1 Construction Management System | 2024-11-18 | N/A | 7.2 HIGH |
| A SQL injection vulnerability in printtool.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the borrow_id parameter. | |||||
| CVE-2024-50971 | 1 Angeljudesuarez | 1 Construction Management System | 2024-11-18 | N/A | 7.2 HIGH |
| A SQL injection vulnerability in print.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the map_id parameter. | |||||
| CVE-2024-50970 | 1 Nikoarroyocuraza | 1 Online Furniture Shopping Project | 2024-11-18 | N/A | 8.8 HIGH |
| A SQL injection vulnerability in orderview1.php of Itsourcecode Online Furniture Shopping Project 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2024-11020 | 1 Vice | 1 Webopac | 2024-11-18 | N/A | 9.8 CRITICAL |
| Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents. | |||||
| CVE-2024-11101 | 1 1000projects | 1 Beauty Parlour Management System | 2024-11-18 | 5.8 MEDIUM | 9.8 CRITICAL |
| A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/search-invoices.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-11100 | 1 1000projects | 1 Beauty Parlour Management System | 2024-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-10990 | 1 Oretnom23 | 1 Online Veterinary Appointment System | 2024-11-18 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability classified as critical was found in SourceCodester Online Veterinary Appointment System 1.0. This vulnerability affects unknown code of the file /admin/services/view_service.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-10991 | 1 Codezips | 1 Hospital Appointment System | 2024-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in Codezips Hospital Appointment System 1.0. This issue affects some unknown processing of the file /editBranchResult.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||