Export limit exceeded: 335532 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (335532 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-3708 | 1 Le-show | 1 Le-yan | 2025-05-07 | 9.8 Critical |
| Le-show medical practice management system from Le-yan has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. | ||||
| CVE-2025-3707 | 1 Sun.net | 1 Ehrd Ctms | 2025-05-07 | 6.5 Medium |
| The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary SQL command to read database contents. | ||||
| CVE-2025-3351 | 1 Phpgurukul | 1 Old Age Home Management System | 2025-05-07 | 7.3 High |
| A vulnerability has been found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3350 | 1 Phpgurukul | 1 Old Age Home Management System | 2025-05-07 | 7.3 High |
| A vulnerability, which was classified as critical, was found in PHPGurukul Old Age Home Management System 1.0. Affected is an unknown function of the file /admin/view-enquiry.php. The manipulation of the argument viewid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3316 | 1 Phpgurukul | 1 Men Salon Management System | 2025-05-07 | 7.3 High |
| A vulnerability was found in PHPGurukul Men Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/search-invoices.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3313 | 1 Phpgurukul | 1 Men Salon Management System | 2025-05-07 | 7.3 High |
| A vulnerability, which was classified as critical, was found in PHPGurukul Men Salon Management System 1.0. Affected is an unknown function of the file /admin/add-customer.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3312 | 1 Phpgurukul | 1 Men Salon Management System | 2025-05-07 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in PHPGurukul Men Salon Management System 1.0. This issue affects some unknown processing of the file /admin/add-customer-services.php. The manipulation of the argument sids[] leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-57235 | 1 Netgear | 2 Rax50, Rax50 Firmware | 2025-05-07 | 6.5 Medium |
| NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function. | ||||
| CVE-2024-57234 | 1 Netgear | 2 Rax50, Rax50 Firmware | 2025-05-07 | 6.5 Medium |
| NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function. | ||||
| CVE-2024-57233 | 1 Netgear | 2 Rax50, Rax50 Firmware | 2025-05-07 | 6.5 Medium |
| NETGEAR RAX5 (AX1600 WiFi Router) v1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function. | ||||
| CVE-2024-57232 | 1 Netgear | 2 Rax50, Rax50 Firmware | 2025-05-07 | 6.5 Medium |
| NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function. | ||||
| CVE-2024-57231 | 1 Netgear | 2 Rax50, Rax50 Firmware | 2025-05-07 | 6.5 Medium |
| NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function. | ||||
| CVE-2024-57230 | 1 Netgear | 2 Rax50, Rax50 Firmware | 2025-05-07 | 6.5 Medium |
| NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. | ||||
| CVE-2024-57229 | 1 Netgear | 2 Rax50, Rax50 Firmware | 2025-05-07 | 6.5 Medium |
| NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function. | ||||
| CVE-2025-3392 | 1 Hailey888 | 1 Oa System | 2025-05-07 | 3.5 Low |
| A vulnerability was found in hailey888 oa_system up to 2025.01.01 and classified as problematic. Affected by this issue is the function Save of the file cn/gson/oasys/controller/mail/MailController.java of the component Backend. The manipulation of the argument MailNumberId leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. | ||||
| CVE-2025-45322 | 1 Lopalopa | 1 Online Service Management Portal | 2025-05-07 | 8.8 High |
| kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in osms/Requester/CheckStatus.php via the checkid parameter. | ||||
| CVE-2025-45321 | 1 Lopalopa | 1 Online Service Management Portal | 2025-05-07 | 8.8 High |
| kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in /osms/Requester/Requesterchangepass.php via the parameter: rPassword. | ||||
| CVE-2025-45320 | 1 Lopalopa | 1 Online Service Management Portal | 2025-05-07 | 7.5 High |
| A Directory Listing Vulnerability was found in the /osms/Requester/ directory of the Kashipara Online Service Management Portal V1.0. | ||||
| CVE-2025-2034 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2025-05-07 | 7.3 High |
| A vulnerability has been found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit-class.php?cid=1. The manipulation of the argument classname/capacity/classtiming leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-45042 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-05-07 | 9.8 Critical |
| Tenda AC9 v15.03.05.14 was discovered to contain a command injection vulnerability via the Telnet function. | ||||