Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
SQL injection vulnerability in the fields of warehouse document filtering form in SIMPLE.ERP software allows logged-in user a malicious query injection. Potential exploitation is limited by the 20-cha
SIMPLE.ERP is vulnerable to the SQL Injection in search functionality in "Obroty na kontach" window. Lack of input validation allows an authenticated attacker to prepare a malicious query to the datab
A SQL injection vulnerability was found in 'ajax.php' of Sourcecodester Simple Library Management System 1.0. This vulnerability stems from insufficient user input validation of the 'username' paramet
CVE-2024-13979
CRITICAL CVSS 9.3
Find Similar
A SQL injection vulnerability exists in the St. Joe ERP system ("圣乔ERP系统") that allows unauthenticated remote attackers to execute arbitrary SQL commands via crafted HTTP POST requests to the login en
Simple Job Script contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the app_id parameter. Attackers can send POST req
A vulnerability was determined in Campcodes Grocery Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=delete_receiving. Executing
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attac
CVE-2025-44192
CRITICAL CVSS 9.8
Find Similar
SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_clearance.
A security vulnerability has been detected in code-projects Simple Laundry System 1.0. Affected by this issue is some unknown functionality of the file /delmemberinfo.php of the component Parameter Ha
A vulnerability was identified in SourceCodester Simple Cafe Billing System 1.0. This affects an unknown function of the file /sales_report.php. The manipulation of the argument month leads to sql inj
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through <= 1.16.10.
A vulnerability was detected in SourceCodester Simple POS and Inventory System 1.0. This issue affects the function delete of the file /admin/deleteproduct.php of the component GET Parameter Handler.
A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This impacts an unknown function of the file /view_category.php of the component HTTP POST Request Handler. This manipu
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function delete_supplier of the file /ajax.php?action=delete_supplier. Such manipulation of t
SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_complaint.
A SQL injection vulnerability exists in Weaver E-cology 8.0 via the getdata.jsp endpoint. The application directly passes unsanitized user input from the sql parameter into a database query within the
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as critical. Affected is an unknown function of the file /simple-online-bidding-system/bidding/admi
A vulnerability was determined in code-projects Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /search-edit.php. This manipulation of the argument Cons
Build Smart ERP 21.0817 contains an unauthenticated SQL injection vulnerability in the 'eidValue' parameter of the login validation endpoint. Attackers can inject stacked SQL queries using payloads li
eNdonesia Portal v8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the bid parameter. Attac
Page 1+ Next →