Export limit exceeded: 339348 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 18252 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18252 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-30998 | 1 Homepage Product Organizer For Woocommerce Project | 1 Homepage Product Organizer For Woocommerce | 2025-02-20 | 9.1 Critical |
| Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co's Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress. | ||||
| CVE-2022-42497 | 1 Api2cart | 1 Api2cart Bridge Connector | 2025-02-20 | 10 Critical |
| Arbitrary Code Execution vulnerability in Api2Cart Bridge Connector plugin <= 1.1.0 on WordPress. | ||||
| CVE-2022-36394 | 1 Contest-gallery | 1 Contest Gallery | 2025-02-20 | 7.6 High |
| Authenticated (author+) SQL Injection (SQLi) vulnerability in Contest Gallery plugin <= 17.0.4 at WordPress. | ||||
| CVE-2021-36898 | 1 Expresstech | 1 Quiz And Survey Master | 2025-02-20 | 9.1 Critical |
| Auth. SQL Injection (SQLi) vulnerability in Quiz And Survey Master plugin <= 7.3.4 on WordPress. | ||||
| CVE-2022-45822 | 1 Elbtide | 1 Advanced Booking Calendar | 2025-02-20 | 10 Critical |
| Unauth. SQL Injection (SQLi) vulnerability in Advanced Booking Calendar plugin <= 1.7.1 on WordPress. | ||||
| CVE-2022-44588 | 1 Blocksera | 1 Cryptocurrency Widgets Pack | 2025-02-20 | 9.9 Critical |
| Unauth. SQL Injection vulnerability in Cryptocurrency Widgets Pack Plugin <=1.8.1 on WordPress. | ||||
| CVE-2024-2916 | 1 Campcodes | 1 House Rental Management System | 2025-02-20 | 7.3 High |
| A vulnerability was found in Campcodes House Rental Management System 1.0. It has been classified as critical. Affected is an unknown function of the file ajax.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257982 is the identifier assigned to this vulnerability. | ||||
| CVE-2024-2927 | 1 Anisha | 1 Mobile Shop | 2025-02-20 | 7.3 High |
| A vulnerability was found in code-projects Mobile Shop 1.0. It has been classified as critical. Affected is an unknown function of the file Details.php of the component Login Page. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258000. | ||||
| CVE-2024-2938 | 1 Campcodes | 1 Online Examination System | 2025-02-20 | 6.3 Medium |
| A vulnerability was found in Campcodes Online Examination System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /adminpanel/admin/facebox_modal/updateCourse.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258029 was assigned to this vulnerability. | ||||
| CVE-2023-43493 | 1 Welcart | 1 Welcart E-commerce | 2025-02-20 | 4.9 Medium |
| SQL injection vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain sensitive information. | ||||
| CVE-2023-50847 | 1 Welcart | 1 Welcart E-commerce | 2025-02-20 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Collne Inc. Welcart e-Commerce.This issue affects Welcart e-Commerce: from n/a through 2.9.3. | ||||
| CVE-2023-43610 | 1 Welcart | 1 Welcart E-commerce | 2025-02-20 | 8.8 High |
| SQL injection vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor (without setting authority) or higher privilege to perform unintended database operations. | ||||
| CVE-2024-2941 | 1 Campcodes | 1 Online Examination System | 2025-02-20 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in Campcodes Online Examination System 1.0. Affected by this issue is some unknown functionality of the file /adminpanel/admin/query/loginExe.php. The manipulation of the argument pass leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258032. | ||||
| CVE-2024-4792 | 1 Campcodes | 1 Online Laundry Management System | 2025-02-20 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in Campcodes Online Laundry Management System 1.0. This issue affects some unknown processing of the file /admin_class.php. The manipulation of the argument id/delete_category/delete_inv/delete_laundry/delete_supply/delete_user/login/save_inv/save_user leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-263891. | ||||
| CVE-2024-4793 | 1 Campcodes | 1 Online Laundry Management System | 2025-02-20 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in Campcodes Online Laundry Management System 1.0. Affected is an unknown function of the file /manage_laundry.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-263892. | ||||
| CVE-2024-4794 | 1 Campcodes | 1 Online Laundry Management System | 2025-02-20 | 6.3 Medium |
| A vulnerability has been found in Campcodes Online Laundry Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manage_receiving.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263893 was assigned to this vulnerability. | ||||
| CVE-2024-4795 | 1 Campcodes | 1 Online Laundry Management System | 2025-02-20 | 6.3 Medium |
| A vulnerability was found in Campcodes Online Laundry Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /manage_user.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-263894 is the identifier assigned to this vulnerability. | ||||
| CVE-2024-4796 | 1 Campcodes | 1 Online Laundry Management System | 2025-02-20 | 6.3 Medium |
| A vulnerability was found in Campcodes Online Laundry Management System 1.0. It has been classified as critical. This affects an unknown part of the file /manage_inv.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-263895. | ||||
| CVE-2024-2942 | 1 Campcodes | 1 Online Examination System | 2025-02-20 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in Campcodes Online Examination System 1.0. This affects an unknown part of the file /adminpanel/admin/query/deleteQuestionExe.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258033 was assigned to this vulnerability. | ||||
| CVE-2024-55953 | 1 Dataease | 1 Dataease | 2025-02-20 | 8.1 High |
| DataEase is an open source business analytics tool. Authenticated users can read and deserialize arbitrary files through the background JDBC connection. When constructing the jdbc connection string, the parameters are not filtered. This vulnerability has been fixed in v1.18.27. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||