Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-35915 | 1 Automattic | 1 Woopayments | 2023-12-29 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a through 5.9.0. | |||||
| CVE-2023-32743 | 1 Woocommerce | 1 Automatewoo | 2023-12-28 | N/A | 4.9 MEDIUM |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 5.7.1. | |||||
| CVE-2023-32590 | 1 Subscribe To Category Project | 1 Subscribe To Category | 2023-12-28 | N/A | 7.5 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category.This issue affects Subscribe to Category: from n/a through 2.7.4. | |||||
| CVE-2023-47236 | 1 Ipages Flipbook Project | 1 Ipages Flipbook | 2023-12-28 | N/A | 4.9 MEDIUM |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Avirtum iPages Flipbook For WordPress.This issue affects iPages Flipbook For WordPress: from n/a through 1.4.8. | |||||
| CVE-2023-38519 | 1 Mainwp | 1 Mainwp Dashboard | 2023-12-28 | N/A | 4.9 MEDIUM |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MainWP MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance.This issue affects MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance: from n/a through 4.4.3.3. | |||||
| CVE-2022-4015 | 1 Sports Club Management System Project | 1 Sports Club Management System | 2023-12-28 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in Sports Club Management System 119. This affects an unknown part of the file admin/make_payments.php. The manipulation of the argument m_id/plan leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213789 was assigned to this vulnerability. | |||||
| CVE-2022-3801 | 1 Ibax | 1 Go-ibax | 2023-12-28 | N/A | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in IBAX go-ibax. This affects an unknown part of the file /api/v2/open/rowsInfo. The manipulation of the argument order leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-212637 was assigned to this vulnerability. | |||||
| CVE-2022-3729 | 1 Ehoney Project | 1 Ehoney | 2023-12-28 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in seccome Ehoney. This issue affects some unknown processing of the file /api/v1/attack. The manipulation of the argument AttackIP leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-212411. | |||||
| CVE-2022-3714 | 1 Oretnom23 | 1 Online Medicine Ordering System | 2023-12-28 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in SourceCodester Online Medicine Ordering System 1.0. Affected is an unknown function of the file admin/?page=orders/view_order. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. VDB-212346 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-3471 | 1 Oretnom23 | 1 Human Resource Management System | 2023-12-28 | N/A | 4.9 MEDIUM |
| A vulnerability was found in SourceCodester Human Resource Management System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file city.php. The manipulation of the argument searccity leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-210715. | |||||
| CVE-2021-20678 | 1 Strangerstudios | 1 Paid Memberships Pro | 2023-12-28 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerability in the Paid Memberships Pro versions prior to 2.5.6 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2023-48764 | 1 Guardgiant | 1 Guardgiant | 2023-12-28 | N/A | 7.2 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GuardGiant Brute Force Protection WordPress Brute Force Protection – Stop Brute Force Attacks.This issue affects WordPress Brute Force Protection – Stop Brute Force Attacks: from n/a through 2.2.5. | |||||
| CVE-2023-48738 | 1 Portotheme | 1 Functionality | 2023-12-28 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Porto Theme Porto Theme - Functionality.This issue affects Porto Theme - Functionality: from n/a before 2.12.1. | |||||
| CVE-2022-42241 | 1 Oretnom23 | 1 Simple Cold Storage Management System | 2023-12-28 | N/A | 7.2 HIGH |
| Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_message. | |||||
| CVE-2022-42232 | 1 Oretnom23 | 1 Simple Cold Storage Management System | 2023-12-28 | N/A | 7.2 HIGH |
| Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/classes/Master.php?f=delete_storage. | |||||
| CVE-2022-42242 | 1 Oretnom23 | 1 Simple Cold Storage Management System | 2023-12-28 | N/A | 7.2 HIGH |
| Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_booking. | |||||
| CVE-2022-42250 | 1 Oretnom23 | 1 Simple Cold Storage Management System | 2023-12-28 | N/A | 7.2 HIGH |
| Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/inquiries/view_details.php?id=. | |||||
| CVE-2022-42243 | 1 Oretnom23 | 1 Simple Cold Storage Management System | 2023-12-28 | N/A | 7.2 HIGH |
| Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/manage_storage.php?id=. | |||||
| CVE-2021-45435 | 1 Oretnom23 | 1 Simple Cold Storage Management System | 2023-12-28 | 7.5 HIGH | 9.8 CRITICAL |
| An SQL Injection vulnerability exists in Sourcecodester Simple Cold Storage Management System using PHP/OOP 1.0 via the username field in login.php. | |||||
| CVE-2023-41615 | 1 Phpgurukul | 1 Zoo Management System | 2023-12-28 | N/A | 9.8 CRITICAL |
| Zoo Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the Admin sign-in page via the username and password fields. | |||||