Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
openDCIM through 23.04 allows SQL injection in people_depts.php because prepared statements are not used.
CVE-2026-28516
CRITICAL CVSS 9.3
Find Similar
openDCIM version 23.04, through commit 4467e9c4, contains a SQL injection vulnerability in Config::UpdateParameter. The install.php and container-install.php handlers pass user-supplied input directly
CVE-2025-45065
CRITICAL CVSS 9.8
Find Similar
employee record management system in php and mysql v1 was discovered to contain a SQL injection vulnerability via the loginerms.php endpoint.
CVE-2025-22928
CRITICAL CVSS 9.8
Find Similar
OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the cp_id parameter at /modules/messages/Inbox.php.
SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_complaint.
A SQL Injection vulnerability was found in /admin/edit_subject.php in kashipara E-learning Management System Project 1.0 via the unit parameter.
CVE-2025-46192
CRITICAL CVSS 9.8
Find Similar
SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_payment_update.php via the order_id POST parameter.
A vulnerability was found in itsourcecode Tailoring Management System 1.0 and classified as critical. This issue affects some unknown processing of the file staffview.php. The manipulation of the argu
CVE-2025-44192
CRITICAL CVSS 9.8
Find Similar
SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_clearance.
CVE-2026-37347
CRITICAL CVSS 9.1
Find Similar
SourceCodester Payroll Management and Information System v1.0 is vulnerable to SQL Injection in the file /payroll/view_employee.php.
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in the file /orms/admin/activities/manage_activity.php.
A SQL injection vulnerability in manage_damage.php in Sourcecodester Computer Laboratory Management System v1.0 allows an authenticated attacker to execute arbitrary SQL commands via the "id" paramete
A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. This manipulation of the argument ID causes sql injection.
SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_household.
CVE-2025-22930
CRITICAL CVSS 9.8
Find Similar
OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the groupid parameter at /messaging/Group.php.
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/manage_department.php.
Page 1+ Next →