Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Gumbo CMS 0.99 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the language parameter. Attackers can
AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the director parameter. Attackers
A SQL Injection vulnerability was found in /admin/bwdates-reports-details.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the " todate" POST requ
AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the country parameter. Attackers
A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL command via
A time-based blind SQL injection vulnerability was identified in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability exists in the manage-companies.php file and allows remote attac
OpenBiz Cubi Lite 3.0.8 contains a SQL injection vulnerability in the login form that allows unauthenticated attackers to manipulate database queries through the username parameter. Attackers can subm
CVE-2024-58301
CRITICAL CVSS 9.3
Find Similar
Purei CMS 1.0 contains a time-based blind SQL injection vulnerability that allows attackers to manipulate database queries through unfiltered user input parameters. Attackers can exploit vulnerable en
A vulnerability, which was classified as critical, was found in Project Worlds Student Project Allocation System 1.0. Affected is an unknown function of the file /student/project_selection/project_sel
A SQL Injection vulnerability was found in /admin/edit_subject.php in kashipara E-learning Management System Project 1.0 via the unit parameter.
SAT CFDI 3.3 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the 'id' parameter in the signIn endpoint. Attackers can submit
A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. This issue affects some unknown processing of the file /tracking/admin/view_csprofile.php. The
A SQL Injection vulnerability has been identified in EPICOR Prophet 21 (P21) up to 23.2.5232. This vulnerability allows authenticated remote attackers to execute arbitrary SQL commands through unsanit
CVE-2024-50706
CRITICAL CVSS 9.8
Find Similar
Unauthenticated SQL injection vulnerability in Uniguest Tripleplay version 23.1+ allows remote attackers to execute arbitrary SQL queries on the backend database.
AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the year parameter. Attackers can
CVE-2024-13979
CRITICAL CVSS 9.3
Find Similar
A SQL injection vulnerability exists in the St. Joe ERP system ("圣乔ERP系统") that allows unauthenticated remote attackers to execute arbitrary SQL commands via crafted HTTP POST requests to the login en
A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0 in /Scheduling/pages/profile_update.php. Manipulating the parameter username will cause SQL injection attacks.
SQL Injection vulnerability in Student Record system Using PHP and MySQL v.3.20 allows a remote attacker to obtain sensitive information via a crafted payload to the $cshortname, $cfullname, and $cdat
A vulnerability was found in Code-Projects Online Class and Exam Scheduling System 1.0 in the file /Scheduling/pages/class_save.php. Manipulation of parameter class will lead to SQL injection attacks.