Export limit exceeded: 18206 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18206 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-29391 | 1 Horvey | 1 Library-manager | 2025-04-22 | 7.2 High |
| horvey Library-Manager v1.0 is vulnerable to SQL Injection in Admin/Controller/BookController.class.php. | ||||
| CVE-2024-40068 | 1 Oretnom23 | 1 Online Id Generator System | 2025-04-22 | 5.9 Medium |
| Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at id_generator/admin/?page=templates/manage_template&id=1. | ||||
| CVE-2024-40072 | 1 Oretnom23 | 1 Online Id Generator System | 2025-04-22 | 9.8 Critical |
| Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at id_generator/admin/?page=generate/index&id=1. | ||||
| CVE-2024-40073 | 1 Oretnom23 | 1 Online Id Generator System | 2025-04-22 | 9.8 Critical |
| Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the template parameter at id_generator/admin/?page=generate&template=4. | ||||
| CVE-2024-34226 | 1 Oretnom23 | 1 Visitor Management System | 2025-04-22 | 9.4 Critical |
| SQL injection vulnerability in /php-sqlite-vms/?page=manage_visitor&id=1 in SourceCodester Visitor Management System 1.0 allow attackers to execute arbitrary SQL commands via the id parameters. | ||||
| CVE-2024-25897 | 1 Churchcrm | 1 Churchcrm | 2025-04-22 | 9.8 Critical |
| ChurchCRM 5.5.0 FRCatalog.php is vulnerable to Blind SQL Injection (Time-based) via the CurrentFundraiser GET parameter. | ||||
| CVE-2022-38488 | 1 Logrocket-oauth2-example Project | 1 Logrocket-oauth2-example | 2025-04-22 | 9.8 Critical |
| logrocket-oauth2-example through 2020-05-27 allows SQL injection via the /auth/register username parameter. | ||||
| CVE-2022-30002 | 1 Angeljudesuarez | 1 Insurance Management System | 2025-04-22 | 7.2 High |
| Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editNominee.php?nominee_id=. | ||||
| CVE-2022-30000 | 1 Angeljudesuarez | 1 Insurance Management System | 2025-04-22 | 9.8 Critical |
| Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editPayment.php?recipt_no=. | ||||
| CVE-2022-30001 | 1 Angeljudesuarez | 1 Insurance Management System | 2025-04-22 | 9.8 Critical |
| Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editAgent.php?agent_id=. | ||||
| CVE-2024-1926 | 1 Mayurik | 1 Free And Open Source Inventory Management System | 2025-04-22 | 6.3 Medium |
| A vulnerability was found in SourceCodester Free and Open Source Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /app/ajax/search_sales_report.php. The manipulation of the argument customer leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-254861 was assigned to this vulnerability. | ||||
| CVE-2022-29999 | 1 Angeljudesuarez | 1 Insurance Management System | 2025-04-22 | 9.8 Critical |
| Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editClient.php?client_id=. | ||||
| CVE-2022-27124 | 1 Angeljudesuarez | 1 Insurance Management System | 2025-04-22 | 9.8 Critical |
| Insurance Management System 1.0 was discovered to contain a SQL injection vulnerability via the username parameter. | ||||
| CVE-2022-29998 | 1 Angeljudesuarez | 1 Insurance Management System | 2025-04-22 | 9.8 Critical |
| Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/clientStatus.php?client_id=. | ||||
| CVE-2024-1971 | 1 Surya2developer | 1 Online Shopping System | 2025-04-22 | 7.3 High |
| A vulnerability has been found in Surya2Developer Online Shopping System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file login.php of the component POST Parameter Handler. The manipulation of the argument password with the input nochizplz'+or+1%3d1+limit+1%23 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-255127. | ||||
| CVE-2025-22957 | 1 Zzcms | 1 Zzcms | 2025-04-22 | 9.8 Critical |
| A SQL injection vulnerability exists in the front-end of the website in ZZCMS <= 2023, which can be exploited without any authentication. This vulnerability could potentially allow attackers to gain unauthorized access to the database and extract sensitive information. | ||||
| CVE-2025-29369 | 1 Carmelogarcia | 1 Matrimonial Site | 2025-04-22 | 9.8 Critical |
| Code-Projects Matrimonial Site V1.0 is vulnerable to SQL Injection in /view_profile.php?id=1. | ||||
| CVE-2025-0948 | 1 Angeljudesuarez | 1 Tailoring Management System | 2025-04-22 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in itsourcecode Tailoring Management System 1.0. This affects an unknown part of the file incview.php. The manipulation of the argument incid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2022-46443 | 1 Bangresto Project | 1 Bangresto | 2025-04-22 | 8.8 High |
| mesinkasir Bangresto 1.0 is vulnberable to SQL Injection via the itemqty%5B%5D parameter. | ||||
| CVE-2022-46051 | 1 Aerocms Project | 1 Aerocms | 2025-04-22 | 7.2 High |
| The approve parameter from the AeroCMS-v0.0.1 CMS system is vulnerable to SQL injection attacks. | ||||