Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
ChurchCRM is an open-source church management system. A SQL Injection vulnerability exists in endpoint `/PaddleNumEditor.php` in ChurchCRM prior to version 6.7.2. Any authenticated user, including one
SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_complaint.
A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limi
A SQL Injection vulnerability was found in /admin/contactus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the email POST request parameter.
A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. Th
A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0. It has been declared as critical. This vulnerability affects unknown code of the file /normal-search.php. The manipulation
ChurchCRM is an open-source church management system. Prior to 7.1.0, an SQL injection vulnerability was found in the endpoint /MemberRoleChange.php in ChurchCRM 7.0.5. Authenticated users with the ro
CVE-2025-40657
CRITICAL CVSS 9.3
Find Similar
A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the codform parameter in /modules/for
A vulnerability has been found in PHPGurukul Vehicle Parking Management System 1.13 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/admin-prof
A time-based blind SQL injection vulnerability was identified in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability exists in the manage-companies.php file and allows remote attac
CVE-2025-68400
CRITICAL CVSS 9.3
Find Similar
ChurchCRM is an open-source church management system. A SQL Injection vulnerability exists in the legacy endpoint `/Reports/ConfirmReportEmail.php` in ChurchCRM prior to version 6.5.3. Although the fe
A SQL Injection vulnerability was found in /search_class.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized databas
CVE-2024-55099
CRITICAL CVSS 9.8
Find Similar
A SQL Injection vulnerability was found in /admin/index.php in phpgurukul Online Nurse Hiring System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database
SQL injection vulnerability in TCMAN GIM v11 in version 20250304. This vulnerability allows an attacker to retrieve, create, update, and delete databases by sending a GET request using the 'idmant' pa
Boolean SQL injection vulnerability in the web app of Base Digitale Group spa product Centrax Open PSIM version 6.1 allows a low level priviliged user that has access to the platform, to execute arbit
An SQL injection vulnerability exists in Commvault 11.32.0 - 11.32.93, 11.36.0 - 11.36.51, and 11.38.0 - 11.38.19 Web Server component that allows a remote, unauthenticated attacker to perform SQL Inj
A vulnerability, which was classified as critical, has been found in PHPGurukul Medical Card Generation System 1.0. This issue affects some unknown processing of the file /admin/manage-card.php. The m
A flaw has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. This impacts an unknown function of the file /user/controller.php. Executing a manipulation can lead to sql i
A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /birthing_form.php. The manipulation