Total
15191 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-3152 | 1 Razormist | 1 Online Discussion Forum Site | 2025-04-22 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical has been found in SourceCodester Online Discussion Forum Site 1.0. This affects an unknown part of the file admin\posts\view_post.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-231021 was assigned to this vulnerability. | |||||
| CVE-2022-31911 | 1 Razormist | 1 Online Discussion Forum Site | 2025-04-22 | 6.5 MEDIUM | 7.2 HIGH |
| Online Discussion Forum Site v1.0 is vulnerable to SQL Injection via /odfs/classes/Master.php?f=delete_team. | |||||
| CVE-2023-3149 | 1 Razormist | 1 Online Discussion Forum Site | 2025-04-22 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been classified as critical. Affected is an unknown function of the file admin\user\manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-231018 is the identifier assigned to this vulnerability. | |||||
| CVE-2013-4809 | 1 Hp | 2 Identity Driven Manager, Procurve Manager | 2025-04-22 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter. | |||||
| CVE-2023-3008 | 1 Kabir-m-alhasan | 1 Student Management System | 2025-04-22 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical has been found in ningzichun Student Management System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument user/pass leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-230355. | |||||
| CVE-2022-46122 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-22 | N/A | 7.2 HIGH |
| Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/categories/view_category.php?id=. | |||||
| CVE-2022-46121 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-22 | N/A | 7.2 HIGH |
| Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=products/manage_product&id=. | |||||
| CVE-2022-46120 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-22 | N/A | 7.2 HIGH |
| Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=products/view_product&id=. | |||||
| CVE-2022-46119 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-22 | N/A | 7.2 HIGH |
| Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=categories&c=. | |||||
| CVE-2022-46118 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-22 | N/A | 7.2 HIGH |
| Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=product_per_brand&bid=. | |||||
| CVE-2024-44725 | 1 Autocms Project | 1 Autocms | 2025-04-22 | N/A | 7.2 HIGH |
| AutoCMS v5.4 was discovered to contain a SQL injection vulnerability via the sidebar parameter at /admin/robot.php. | |||||
| CVE-2024-44838 | 1 Openrapid | 1 Rapidcms | 2025-04-22 | N/A | 9.8 CRITICAL |
| RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the username parameter at /resource/runlogin.php. | |||||
| CVE-2024-44839 | 1 Openrapid | 1 Rapidcms | 2025-04-22 | N/A | 9.8 CRITICAL |
| RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the articleid parameter at /default/article.php. | |||||
| CVE-2024-45771 | 1 Openrapid | 1 Rapidcms | 2025-04-22 | N/A | 9.8 CRITICAL |
| RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the password parameter at /resource/runlogin.php. | |||||
| CVE-2025-27135 | 1 Infiniflow | 1 Ragflow | 2025-04-22 | N/A | 9.8 CRITICAL |
| RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. Versions 0.15.1 and prior are vulnerable to SQL injection. The ExeSQL component extracts the SQL statement from the input and sends it directly to the database query. As of time of publication, no patched version is available. | |||||
| CVE-2022-46117 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-22 | N/A | 7.2 HIGH |
| Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=view_product&id=. | |||||
| CVE-2022-46072 | 1 Helmet Store Showroom Project | 1 Helmet Store Showroom | 2025-04-22 | N/A | 9.8 CRITICAL |
| Helmet Store Showroom v1.0 vulnerable to unauthenticated SQL Injection. | |||||
| CVE-2022-46071 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-22 | N/A | 9.8 CRITICAL |
| There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability can be exploited to bypass admin access. | |||||
| CVE-2022-46126 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-21 | N/A | 7.2 HIGH |
| Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/brands/manage_brand.php?id=. | |||||
| CVE-2022-46125 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-21 | N/A | 7.2 HIGH |
| Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=client/manage_client&id=. | |||||