Total
15142 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-10991 | 1 Codezips | 1 Hospital Appointment System | 2024-11-18 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in Codezips Hospital Appointment System 1.0. This issue affects some unknown processing of the file /editBranchResult.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-44761 | 2 Gzequan, Yiquan Information | 2 Eq Enterprise Management System, Eq Enterprise Management System | 2024-11-18 | 9.9 Critical |
| An issue in EQ Enterprise Management System before v2.0.0 allows attackers to execute a directory traversal via crafted requests. | ||||
| CVE-2021-1470 | 2024-11-18 | 4.9 Medium | ||
| A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper input validation of SQL queries to an affected system. An attacker could exploit this vulnerability by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on or return values from the vManage database or the underlying operating system.Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. | ||||
| CVE-2024-3370 | 1 Egeabilgi Software | 1 Website Template | 2024-11-18 | 8.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Egebilgi Software Website Template allows SQL Injection.This issue affects Website Template: before 29.04.2024. | ||||
| CVE-2024-50826 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
| A SQL Injection vulnerability was found in /admin/add_content.php in kashipara E-learning Management System Project 1.0 via the title and content parameters. | ||||
| CVE-2024-50825 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
| A SQL Injection vulnerability was found in /admin/school_year.php in kashipara E-learning Management System Project 1.0 via the school_year parameter. | ||||
| CVE-2024-50824 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
| A SQL Injection vulnerability was found in /admin/class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter. | ||||
| CVE-2024-50823 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
| A SQL Injection vulnerability was found in /admin/login.php in kashipara E-learning Management System Project 1.0 via the username and password parameters. | ||||
| CVE-2024-50835 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
| A SQL Injection vulnerability was found in /admin/edit_student.php in KASHIPARA E-learning Management System Project 1.0 via the cys, un, ln, fn, and id parameters. | ||||
| CVE-2024-50834 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
| A SQL Injection was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0 via the firstname and lastname parameters. | ||||
| CVE-2024-50833 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
| A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System Project 1.0 via the username and password parameters. | ||||
| CVE-2024-50832 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
| A SQL Injection vulnerability was found in /admin/edit_class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter. | ||||
| CVE-2024-50831 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
| A SQL Injection was found in /admin/admin_user.php in kashipara E-learning Management System Project 1.0 via the username and password parameters. | ||||
| CVE-2024-50830 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
| A SQL Injection vulnerability was found in /admin/calendar_of_events.php in kashipara E-learning Management System Project 1.0 via the date_start, date_end, and title parameters. | ||||
| CVE-2024-50829 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
| A SQL Injection vulnerability was found in /admin/edit_subject.php in kashipara E-learning Management System Project 1.0 via the unit parameter. | ||||
| CVE-2024-50828 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
| A SQL Injection vulnerability was found in /admin/edit_department.php in kashipara E-learning Management System Project 1.0 via the d parameter. | ||||
| CVE-2024-50827 | 2 Kashipara, Lopalopa | 2 E Learning Management System Project, E-learning Management System | 2024-11-18 | 3.5 Low |
| A SQL Injection vulnerability was found in /admin/add_subject.php in kashipara E-learning Management System Project 1.0 via the subject_code parameter. | ||||
| CVE-2024-11124 | 1 Timgeyssens | 1 Ui-o-matic | 2024-11-15 | 4.7 Medium |
| A vulnerability has been found in TimGeyssens UIOMatic 5 and classified as critical. This vulnerability affects unknown code of the file /src/UIOMatic/wwwroot/backoffice/resources/uioMaticObject.r. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-11127 | 2 Anisha, Code-projects | 2 Job Recruitment, Job Recruitment | 2024-11-15 | 6.3 Medium |
| A vulnerability was found in code-projects Job Recruitment up to 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin.php. The manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-51882 | 1 Ehues | 1 Gboy Custom Google Map | 2024-11-15 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ehues Gboy Custom Google Map allows Blind SQL Injection.This issue affects Gboy Custom Google Map: from n/a through 1.2. | ||||