Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
seaweedfs v3.68 was discovered to contain a SQL injection vulnerability via the component /abstract_sql/abstract_sql_store.go.
CVE-2025-44072
CRITICAL CVSS 9.8
Find Similar
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_manager.php.
CVE-2025-44073
CRITICAL CVSS 9.8
Find Similar
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_comment_news.php.
CVE-2024-44921
CRITICAL CVSS 9.8
Find Similar
SeaCMS v12.9 was discovered to contain a SQL injection vulnerability via the id parameter at /dmplayer/dmku/index.php?ac=del.
CVE-2025-44074
CRITICAL CVSS 9.8
Find Similar
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_topic.php.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Surfer Surfer surferseo allows SQL Injection.This issue affects Surfer: from n/a through <= 1.5.0.
A SQL injection vulnerability was discovered in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability allows remote attackers to execute arbitrary SQL code via the category and categ
CVE-2024-57031
CRITICAL CVSS 9.8
Find Similar
WeGIA < 3.2.0 is vulnerable to SQL Injection in /funcionario/remuneracao.php via the id_funcionario parameter.
A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limi
CVE-2025-34162
CRITICAL CVSS 9.3
Find Similar
An unauthenticated SQL injection vulnerability exists in the GetLyfsByParams endpoint of Bian Que Feijiu Intelligent Emergency and Quality Control System, accessible via the /AppService/BQMedical/WebS
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in fs-code FS Poster fs-poster.This issue affects FS Poster: from n/a through <= 6.5.8.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows SQL Injection.This issue affects Mediawiki - Car
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the p1 parameter. Attacke
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 an
A vulnerability was found in PHPGurukul Dairy Farm Shop Management System 1.3 and classified as critical. Affected by this issue is some unknown functionality of the file /search-product.php. The mani
Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attac
A vulnerability was identified in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. This affects an unknown function of the file /index.ph of the component Login. Such
A vulnerability, which was classified as critical, has been found in SeaCMS up to 13.3. This issue affects some unknown processing of the file /admin_link.php?action=delall. The manipulation of the ar
CVE-2024-54842
CRITICAL CVSS 9.8
Find Similar
A SQL injection vulnerability was found in phpgurukul Online Nurse Hiring System v1.0 in /admin/password-recovery.php via the mobileno parameter.
Page 1+ Next →