Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-31843 | 1 Faculty Evaluation System Project | 1 Faculty Evaluation System | 2025-01-23 | N/A | 7.2 HIGH |
| Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/view_faculty.php?id=. | |||||
| CVE-2023-31631 | 1 Openlinksw | 1 Virtuoso | 2025-01-23 | N/A | 7.5 HIGH |
| An issue in the sqlo_preds_contradiction component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | |||||
| CVE-2023-31616 | 1 Openlinksw | 1 Virtuoso | 2025-01-23 | N/A | 7.5 HIGH |
| An issue in the bif_mod component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | |||||
| CVE-2023-31626 | 1 Openlinksw | 1 Virtuoso | 2025-01-23 | N/A | 7.5 HIGH |
| An issue in the gpf_notice component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | |||||
| CVE-2023-31628 | 1 Openlinksw | 1 Virtuoso | 2025-01-23 | N/A | 7.5 HIGH |
| An issue in the stricmp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | |||||
| CVE-2023-31842 | 1 Faculty Evaluation System Project | 1 Faculty Evaluation System | 2025-01-23 | N/A | 7.2 HIGH |
| Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/index.php?page=edit_faculty&id=. | |||||
| CVE-2023-31629 | 1 Openlinksw | 1 Virtuoso | 2025-01-23 | N/A | 7.5 HIGH |
| An issue in the sqlo_union_scope component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | |||||
| CVE-2023-31630 | 1 Openlinksw | 1 Virtuoso | 2025-01-23 | N/A | 7.5 HIGH |
| An issue in the sqlo_query_spec component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | |||||
| CVE-2024-23603 | 1 F5 | 2 Big-ip Advanced Web Application Firewall, Big-ip Application Security Manager | 2025-01-23 | N/A | 8.8 HIGH |
| An SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | |||||
| CVE-2024-1795 | 1 Pluginus | 1 Husky - Products Filter Professional For Woocommerce | 2025-01-23 | N/A | N/A |
| The HUSKY – Products Filter for WooCommerce Professional plugin for WordPress is vulnerable to SQL Injection via the 'name' parameter in the woof shortcode in all versions up to, and including, 1.3.5.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | |||||
| CVE-2023-31608 | 1 Openlinksw | 1 Virtuoso | 2025-01-23 | N/A | 7.5 HIGH |
| An issue in the artm_div_int component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | |||||
| CVE-2023-31607 | 1 Openlinksw | 1 Virtuoso | 2025-01-23 | N/A | 7.5 HIGH |
| An issue in the __libc_malloc component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | |||||
| CVE-2023-30245 | 1 Judging Management System Project | 1 Judging Management System | 2025-01-23 | N/A | 9.8 CRITICAL |
| SQL injection vulnerability found in Judging Management System v.1.0 allows a remote attacker to execute arbitrary code via the crit_id parameter of the edit_criteria.php file. | |||||
| CVE-2023-27742 | 1 Idurarapp | 1 Idurar | 2025-01-23 | N/A | 9.8 CRITICAL |
| IDURAR ERP/CRM v1 was discovered to contain a SQL injection vulnerability via the component /api/login. | |||||
| CVE-2023-31519 | 1 Pharmacy Management System Project | 1 Pharmacy Management System | 2025-01-23 | N/A | 9.8 CRITICAL |
| Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the email parameter at login_core.php. | |||||
| CVE-2023-30189 | 1 Posthemes | 1 Posstaticblocks | 2025-01-23 | N/A | 9.8 CRITICAL |
| Prestashop posstaticblocks <= 1.0.0 is vulnerable to SQL Injection via posstaticblocks::getPosCurrentHook(). | |||||
| CVE-2024-57770 | 1 Jfinaloa Project | 1 Jfinaloa | 2025-01-23 | N/A | 8.8 HIGH |
| JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the component apply/save#oaContractApply.id. | |||||
| CVE-2023-31612 | 1 Openlinksw | 1 Virtuoso | 2025-01-23 | N/A | 7.5 HIGH |
| An issue in the dfe_qexp_list component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | |||||
| CVE-2023-31613 | 1 Openlinksw | 1 Virtuoso | 2025-01-23 | N/A | 7.5 HIGH |
| An issue in the __nss_database_lookup component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | |||||
| CVE-2024-57769 | 1 Jfinaloa Project | 1 Jfinaloa | 2025-01-23 | N/A | 8.8 HIGH |
| JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the component borrowmoney/listData?applyUser. | |||||