Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2024-42566
CRITICAL CVSS 9.8
Find Similar
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the password parameter at login.php
CVE-2024-42570
CRITICAL CVSS 9.8
Find Similar
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at admininsert.php.
CVE-2024-42569
CRITICAL CVSS 9.8
Find Similar
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at paidclass.php.
CVE-2024-42575
CRITICAL CVSS 9.8
Find Similar
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at substaff.php.
CVE-2024-42574
CRITICAL CVSS 9.8
Find Similar
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at attendance.php.
CVE-2024-42571
CRITICAL CVSS 9.8
Find Similar
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at insertattendance.php.
CVE-2024-42567
CRITICAL CVSS 9.8
Find Similar
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the sid parameter at /search.php?action=2.
CVE-2024-42572
CRITICAL CVSS 9.8
Find Similar
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at unitmarks.php.
CVE-2024-42573
CRITICAL CVSS 9.8
Find Similar
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at dtmarks.php.
CVE-2024-42568
CRITICAL CVSS 9.8
Find Similar
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the transport parameter at vehicle.php.
phpgurukul Student Management System 1.0 is vulnerable to SQL Injection in studentms/admin/search.php via the searchdata parameter.
CVE-2024-50833
CRITICAL CVSS 9.8
Find Similar
A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System Project 1.0 via the username and password parameters.
A SQL injection vulnerability in /smsa/admin_login.php in Kashipara Responsive School Management System v3.2.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter of the
PHPGURUKUL Student Management System using PHP and MySQL v1 was discovered to contain multiple SQL injection vulnerabilities at /studentrecordms/login.php via the username and password parameters.
CVE-2024-41237
CRITICAL CVSS 9.8
Find Similar
A SQL injection vulnerability in /smsa/teacher_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter.
A SQL Injection vulnerability was found in /admin/edit_subject.php in kashipara E-learning Management System Project 1.0 via the unit parameter.
A SQL Injection vulnerability was found in /admin/class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter.
A SQL Injection vulnerability was found in /search_class.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized databas
A vulnerability was detected in 1000projects Design & Development of Student Database Management System 1.0. Affected is an unknown function of the file /TeacherLogin/Academics/SubjectDetails.php. The
Page 1+ Next →