Total
15969 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-8442 | 2 Anisha, Code-projects | 2 Online Medicine Guide, Online Medicine Guide | 2025-08-05 | 7.3 High |
| A vulnerability has been found in code-projects Online Medicine Guide 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /cussignup.php. The manipulation of the argument uname leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8443 | 2 Anisha, Code-projects | 2 Online Medicine Guide, Online Medicine Guide | 2025-08-05 | 7.3 High |
| A vulnerability was found in code-projects Online Medicine Guide 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument uname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8494 | 2 Carmelo, Code-projects | 2 Intern Membership Management System, Intern Membership Management System | 2025-08-05 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in code-projects Intern Membership Management System 1.0. This issue affects some unknown processing of the file /admin/delete_student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-43436 | 1 Moodle | 1 Moodle | 2025-08-05 | 7.2 High |
| A SQL injection risk flaw was found in the XMLDB editor tool available to site administrators. | ||||
| CVE-2025-8466 | 2 Anisha, Code-projects | 2 Online Farm System, Online Farm System | 2025-08-05 | 7.3 High |
| A vulnerability was found in code-projects Online Farm System 1.0. It has been classified as critical. Affected is an unknown function of the file /forgot_passfarmer.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8467 | 2 Anisha, Code-projects | 2 Wazifa System, Wazifa System | 2025-08-05 | 7.3 High |
| A vulnerability was found in code-projects Wazifa System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /controllers/regcontrol.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8468 | 2 Anisha, Code-projects | 2 Wazifa System, Wazifa System | 2025-08-05 | 7.3 High |
| A vulnerability was found in code-projects Wazifa System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /controllers/reset.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8469 | 2 Fabian, Sourcecodester | 2 Online Hotel Reservation System, Online Hotel Reservation System | 2025-08-05 | 7.3 High |
| A vulnerability classified as critical has been found in SourceCodester Online Hotel Reservation System 1.0. This affects an unknown part of the file /admin/deletegallery.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8470 | 2 Fabian, Sourcecodester | 2 Online Hotel Reservation System, Online Hotel Reservation System | 2025-08-05 | 7.3 High |
| A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /admin/deleteroom.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8471 | 1 Projectworlds | 1 Online Admission System | 2025-08-05 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in projectworlds Online Admission System 1.0. This issue affects some unknown processing of the file /adminlogin.php. The manipulation of the argument a_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8493 | 2 Carmelo, Code-projects | 2 Intern Membership Management System, Intern Membership Management System | 2025-08-05 | 7.3 High |
| A vulnerability classified as critical was found in code-projects Intern Membership Management System 1.0. This vulnerability affects unknown code of the file /admin/edit_student_query.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-47178 | 1 Microsoft | 2 Configuration Manager, Configuration Manager 2503 | 2025-08-05 | 8 High |
| Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network. | ||||
| CVE-2025-8497 | 2 Anisha, Code-projects | 2 Online Medicine Guide, Online Medicine Guide | 2025-08-05 | 7.3 High |
| A vulnerability was found in code-projects Online Medicine Guide 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /cusfindphar2.php. The manipulation of the argument Search leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8498 | 2 Anisha, Code-projects | 2 Online Medicine Guide, Online Medicine Guide | 2025-08-05 | 7.3 High |
| A vulnerability was found in code-projects Online Medicine Guide 1.0. It has been classified as critical. This affects an unknown part of the file /cart/index.php. The manipulation of the argument uname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8499 | 2 Anisha, Code-projects | 2 Online Medicine Guide, Online Medicine Guide | 2025-08-05 | 7.3 High |
| A vulnerability was found in code-projects Online Medicine Guide 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /cusfindambulence2.php. The manipulation of the argument Search leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8502 | 2 Anisha, Code-projects | 2 Online Medicine Guide, Online Medicine Guide | 2025-08-05 | 7.3 High |
| A vulnerability classified as critical was found in code-projects Online Medicine Guide 1.0. Affected by this vulnerability is an unknown functionality of the file /changepass.php. The manipulation of the argument ups leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8503 | 2 Anisha, Code-projects | 2 Online Medicine Guide, Online Medicine Guide | 2025-08-05 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in code-projects Online Medicine Guide 1.0. Affected by this issue is some unknown functionality of the file /adaddmed.php. The manipulation of the argument mname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8500 | 2 Code-projects, Fabianros | 2 Human Resource Integrated System, Human Resource Integrated System | 2025-08-05 | 6.3 Medium |
| A vulnerability was found in code-projects Human Resource Integrated System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insert-and-view/action.php. The manipulation of the argument content leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-54119 | 2 Adodb Lite, Adodb Project | 2 Adodb Lite, Adodb | 2025-08-05 | 10 Critical |
| ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. In versions 5.22.9 and below, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a sqlite3 database and calls the metaColumns(), metaForeignKeys() or metaIndexes() methods with a crafted table name. This is fixed in version 5.22.10. To workaround this issue, only pass controlled data to metaColumns(), metaForeignKeys() and metaIndexes() method's $table parameter. | ||||
| CVE-2025-52390 | 1 Saurus | 1 Saurus Cms | 2025-08-05 | 9.1 Critical |
| Saurus CMS Community Edition since commit d886e5b0 (2010-04-23) is vulnerable to a SQL Injection vulnerability in the `prepareSearchQuery()` method in `FulltextSearch.class.php`. The application directly concatenates user-supplied input (`$search_word`) into SQL queries without sanitization, allowing attackers to manipulate the SQL logic and potentially extract sensitive information or escalate their privileges. | ||||