Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-8466 | 1 Phpgurukul | 1 Job Portal | 2024-09-06 | N/A | 7.5 HIGH |
| SQL injection vulnerability, by which an attacker could send a specially designed query through CATEGORY parameter in /jobportal/admin/category/controller.php, and retrieve all the information stored in it. | |||||
| CVE-2024-8465 | 1 Phpgurukul | 1 Job Portal | 2024-09-06 | N/A | 7.5 HIGH |
| SQL injection vulnerability, by which an attacker could send a specially designed query through user_id parameter in /jobportal/admin/user/controller.php, and retrieve all the information stored in it. | |||||
| CVE-2024-8464 | 1 Phpgurukul | 1 Job Portal | 2024-09-06 | N/A | 7.5 HIGH |
| SQL injection vulnerability, by which an attacker could send a specially designed query through JOBREGID parameter in /jobportal/admin/applicants/controller.php, and retrieve all the information stored in it. | |||||
| CVE-2022-47428 | 1 Wpdevart | 1 Booking Calendar | 2024-09-05 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WpDevArt Booking calendar, Appointment Booking System allows SQL Injection.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.7. | |||||
| CVE-2023-36677 | 1 Smartypantsplugins | 1 Sp Project \& Document Manager | 2024-09-05 | N/A | 8.8 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smartypants SP Project & Document Manager allows SQL Injection.This issue affects SP Project & Document Manager: from n/a through 4.67. | |||||
| CVE-2022-47420 | 1 Adaplugin | 1 Accessibility Suite By Online Ada | 2024-09-05 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Online ADA Accessibility Suite by Online ADA allows SQL Injection.This issue affects Accessibility Suite by Online ADA: from n/a through 4.12. | |||||
| CVE-2023-25990 | 1 Themeum | 1 Tutor Lms | 2024-09-05 | N/A | 8.8 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10. | |||||
| CVE-2022-46808 | 1 Reputeinfosystems | 1 Armember | 2024-09-05 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Repute Infosystems ARMember armember-membership allows SQL Injection.This issue affects ARMember: from n/a through 3.4.11. | |||||
| CVE-2023-40215 | 1 Superwhite | 1 Demon Image Annotation | 2024-09-05 | N/A | 7.2 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Demonisblack demon image annotation allows SQL Injection.This issue affects demon image annotation: from n/a through 5.1. | |||||
| CVE-2023-32508 | 1 Cagewebdev | 1 Order Your Posts Manually | 2024-09-05 | N/A | 7.2 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolf van Gelder Order Your Posts Manually allows SQL Injection.This issue affects Order Your Posts Manually: from n/a through 2.2.5. | |||||
| CVE-2023-25700 | 1 Themeum | 1 Tutor Lms | 2024-09-05 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10. | |||||
| CVE-2023-34179 | 1 Groundhogg | 1 Groundhogg | 2024-09-05 | N/A | 7.2 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Groundhogg Inc. Groundhogg allows SQL Injection.This issue affects Groundhogg: from n/a through 2.7.11. | |||||
| CVE-2022-46859 | 1 Spiffyplugins | 1 Spiffy Calendar | 2024-09-05 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spiffy Plugins Spiffy Calendar spiffy-calendar allows SQL Injection.This issue affects Spiffy Calendar: from n/a through 4.9.1. | |||||
| CVE-2023-25800 | 1 Themeum | 1 Tutor Lms | 2024-09-05 | N/A | 8.8 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.2.0. | |||||
| CVE-2022-47426 | 1 Neshan | 1 Neshan Maps | 2024-09-05 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Neshan Maps Platform Neshan Maps neshan-maps allows SQL Injection.This issue affects Neshan Maps: from n/a through 1.1.4. | |||||
| CVE-2022-46818 | 1 Gopiplus | 1 Email Posts To Subscribers | 2024-09-05 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Gopi Ramasamy Email posts to subscribers allows SQL Injection.This issue affects Email posts to subscribers: from n/a through 6.2. | |||||
| CVE-2024-8173 | 1 Blood Bank System Project | 1 Blood Bank System | 2024-09-05 | N/A | 7.5 HIGH |
| A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file /login.php of the component Login Page. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-41444 | 1 Seacms | 1 Seacms | 2024-09-05 | N/A | 9.8 CRITICAL |
| SeaCMS v12.9 has a SQL injection vulnerability in the key parameter of /js/player/dmplayer/dmku/index.php?ac=so. | |||||
| CVE-2022-47445 | 1 Web-x | 1 Be-popia-compliant | 2024-09-05 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Web-X Be POPIA Compliant be-popia-compliant allows SQL Injection.This issue affects Be POPIA Compliant: from n/a through 1.2.0. | |||||
| CVE-2024-45265 | 1 Skyss | 1 Arfa-cms | 2024-09-05 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in the poll component in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to execute arbitrary SQL commands via the psid parameter. | |||||