Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-7161 | 1 Phpgurukul | 1 Zoo Management System | 2025-07-09 | N/A | 8.8 HIGH |
| A vulnerability classified as critical was found in PHPGurukul Zoo Management System 2.1. This vulnerability affects unknown code of the file /admin/add-normal-ticket.php. The manipulation of the argument cprice leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7157 | 1 Anisha | 1 Online Note Sharing | 2025-07-09 | N/A | 9.8 CRITICAL |
| A vulnerability was found in code-projects Online Note Sharing 1.0. It has been classified as critical. Affected is an unknown function of the file /login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7166 | 1 Fabian | 1 Responsive Blog Site | 2025-07-09 | N/A | 8.8 HIGH |
| A vulnerability was found in code-projects Responsive Blog Site 1.0. It has been classified as critical. This affects an unknown part of the file /single.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7168 | 1 Code-projects | 1 Crime Reporting System | 2025-07-09 | N/A | 9.8 CRITICAL |
| A vulnerability was found in code-projects Crime Reporting System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /userlogin.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7171 | 1 Code-projects | 1 Crime Reporting System | 2025-07-09 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in code-projects Crime Reporting System 1.0. Affected by this issue is some unknown functionality of the file /policelogin.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7167 | 1 Fabian | 1 Responsive Blog Site | 2025-07-09 | N/A | 8.8 HIGH |
| A vulnerability was found in code-projects Responsive Blog Site 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /category.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7170 | 1 Code-projects | 1 Crime Reporting System | 2025-07-09 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical was found in code-projects Crime Reporting System 1.0. Affected by this vulnerability is an unknown functionality of the file /registration.php. The manipulation of the argument Name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7169 | 1 Code-projects | 1 Crime Reporting System | 2025-07-09 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in code-projects Crime Reporting System 1.0. Affected is an unknown function of the file /complainer_page.php. The manipulation of the argument location leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7172 | 1 Code-projects | 1 Crime Reporting System | 2025-07-09 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in code-projects Crime Reporting System 1.0. This affects an unknown part of the file /headlogin.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7184 | 1 Code-projects | 1 Library System | 2025-07-09 | N/A | 9.8 CRITICAL |
| A vulnerability was found in code-projects Library System 1.0. It has been classified as critical. This affects an unknown part of the file /user/teacher/books.php. The manipulation of the argument Search leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7183 | 1 Campcodes | 1 Sales And Inventory System | 2025-07-09 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /pages/customer_account.php. The manipulation of the argument Customer leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7185 | 1 Code-projects | 1 Library System | 2025-07-09 | N/A | 9.8 CRITICAL |
| A vulnerability was found in code-projects Library System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /approve.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-47172 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2025-07-09 | N/A | 8.8 HIGH |
| Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-47682 | 1 Cozyvision | 1 Sms Alert Order Notifications | 2025-07-09 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision Technologies Pvt. Ltd. SMS Alert Order Notifications – WooCommerce allows SQL Injection.This issue affects SMS Alert Order Notifications – WooCommerce: from n/a through 3.8.2. | |||||
| CVE-2025-2659 | 1 Projectworlds | 1 Online Time Table Generator | 2025-07-09 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file /student/index.php. The manipulation of the argument e leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-2660 | 1 Projectworlds | 1 Online Time Table Generator | 2025-07-09 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in Project Worlds Online Time Table Generator 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument e leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-2661 | 1 Projectworlds | 1 Online Time Table Generator | 2025-07-09 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Project Worlds Online Time Table Generator 1.0 and classified as critical. This issue affects some unknown processing of the file /staff/index.php. The manipulation of the argument e leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-2662 | 1 Projectworlds | 1 Online Time Table Generator | 2025-07-09 | N/A | 8.8 HIGH |
| A vulnerability was found in Project Worlds Online Time Table Generator 1.0. It has been classified as critical. Affected is an unknown function of the file student/studentdashboard.php. The manipulation of the argument course leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-35148 | 1 Ibm | 1 Maximo Application Suite | 2025-07-08 | N/A | 8.8 HIGH |
| IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. | |||||
| CVE-2025-7180 | 1 Carmelo | 1 Staff Audit System | 2025-07-08 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument User leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||