Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-27074 | 1 Phpgurukul | 1 Bp Monitoring Management System | 2023-12-28 | N/A | 9.8 CRITICAL |
| BP Monitoring Management System v1.0 was discovered to contain a SQL injection vulnerability via the emailid parameter in the login page. | |||||
| CVE-2023-39551 | 1 Phpgurukul | 1 Online Security Guards Hiring System | 2023-12-28 | N/A | 9.8 CRITICAL |
| PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php. | |||||
| CVE-2021-42313 | 1 Microsoft | 1 Defender For Iot | 2023-12-28 | 10.0 HIGH | 10.0 CRITICAL |
| Microsoft Defender for IoT Remote Code Execution Vulnerability | |||||
| CVE-2021-41365 | 1 Microsoft | 1 Defender For Iot | 2023-12-28 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft Defender for IoT Remote Code Execution Vulnerability | |||||
| CVE-2021-42311 | 1 Microsoft | 1 Defender For Iot | 2023-12-28 | 10.0 HIGH | 10.0 CRITICAL |
| Microsoft Defender for IoT Remote Code Execution Vulnerability | |||||
| CVE-2023-51049 | 1 S-cms | 1 S-cms | 2023-12-27 | N/A | 9.8 CRITICAL |
| S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_bbsauth parameter at /admin/ajax.php. | |||||
| CVE-2023-51050 | 1 S-cms | 1 S-cms | 2023-12-27 | N/A | 9.8 CRITICAL |
| S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_productauth parameter at /admin/ajax.php. | |||||
| CVE-2023-51048 | 1 S-cms | 1 S-cms | 2023-12-27 | N/A | 9.8 CRITICAL |
| S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_newsauth parameter at /admin/ajax.php. | |||||
| CVE-2023-49689 | 1 Kashipara | 1 Job Portal | 2023-12-27 | N/A | 9.8 CRITICAL |
| Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'JobId' parameter of the Employer/DeleteJob.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49688 | 1 Kashipara | 1 Job Portal | 2023-12-27 | N/A | 9.8 CRITICAL |
| Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtUser' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49681 | 1 Kashipara | 1 Job Portal | 2023-12-27 | N/A | 9.8 CRITICAL |
| Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-44284 | 1 Dell | 12 Apex Protection Storage, Dd3300, Dd6400 and 9 more | 2023-12-27 | N/A | 4.3 MEDIUM |
| Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an SQL Injection vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing unauthorized read access to application data. | |||||
| CVE-2023-48050 | 2 Camsbiometrics, Odoo | 2 Zkteco\, Essl\, Cams Biometrics Integration Module, Biometric Attendance | 2023-12-27 | N/A | 9.8 CRITICAL |
| SQL injection vulnerability in Cams Biometrics Zkteco, eSSL, Cams Biometrics Integration Module with HR Attendance (aka odoo-biometric-attendance) v. 13.0 through 16.0.1 allows a remote attacker to execute arbitrary code and to gain privileges via the db parameter in the controllers/controllers.py component. | |||||
| CVE-2023-29096 | 1 Bestwebsoft | 1 Contact Form To Db | 2023-12-27 | N/A | 8.8 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BestWebSoft Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress.This issue affects Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress: from n/a through 1.7.0. | |||||
| CVE-2023-49166 | 1 Magiclogix | 1 Msync | 2023-12-27 | N/A | 9.1 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Magic Logix MSync.This issue affects MSync: from n/a through 1.0.0. | |||||
| CVE-2023-49161 | 1 Guelbetech | 1 Bravo Translate | 2023-12-27 | N/A | 9.1 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Guelben Bravo Translate.This issue affects Bravo Translate: from n/a through 1.2. | |||||
| CVE-2023-29432 | 1 Favethemes | 1 Houzez | 2023-12-27 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Favethemes Houzez - Real Estate WordPress Theme.This issue affects Houzez - Real Estate WordPress Theme: from n/a before 2.8.3. | |||||
| CVE-2023-26525 | 1 Wedevs | 1 Dokan | 2023-12-27 | N/A | 8.1 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy.This issue affects Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy: from n/a through 3.7.12. | |||||
| CVE-2023-28491 | 1 Tribulant | 1 Slideshow Gallery | 2023-12-27 | N/A | 7.2 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Slideshow Gallery LITE.This issue affects Slideshow Gallery LITE: from n/a through 1.7.6. | |||||
| CVE-2023-28788 | 1 Pagevisitcounter | 1 Advanced Page Visit Counter | 2023-12-27 | N/A | 8.8 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a through 6.4.2. | |||||