CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

737 matches found

Cvelist•added 2025/05/16 2:0 a.m.•22 views

CVE-2025-4739 projectworlds Hospital Database Management System medicines_info.php sql injection

A vulnerability was found in projectworlds Hospital Database Management System 1.0. It has been classified as critical. This affects an unknown part of the file /medicinesinfo.php. The manipulation of the argument MedID leads to sql injection. It is possible to initiate the attack remotely. The...

7.5CVSS0.00421EPSS

Exploits1References4

CVE•added 2025/05/16 2:0 a.m.•31 views

CVE-2025-4739

Summary: CVE-2025-4739 affects projectworlds Hospital Database Management System 1.0. The vulnerability is an SQL injection in the file /medicines_info.php (Med_ID/Med ID parameter) allowing remote exploitation. Multiple connected sources confirm the issue and indicate exploitation is possible an...

9.8CVSS7.5AI score0.00421EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2025/05/16 2:0 a.m.•10 views

CVE-2025-4739 projectworlds Hospital Database Management System medicines_info.php sql injection

7.5CVSS7.7AI score0.00421EPSS

Exploits1References4

BDU FSTEC•added 2025/05/13 12:0 a.m.•7 views

The vulnerability of the application software interface for managing database content in SQL Directus, which allows a hacker to increase their privileges

The vulnerability of the application software interface for managing database content in SQL Directus is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to enhance their privileges by using certain administrative functions remotely...

5CVSS5.6AI score0.00372EPSS

Exploits1References6Affected Software1

RedhatCVE•added 2025/05/11 12:15 a.m.•16 views

CVE-2025-46192

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in userpaymentupdate.php via the orderid POST parameter...

9.8CVSS8.1AI score0.00352EPSS

Exploits0References1

RedhatCVE•added 2025/05/11 12:15 a.m.•23 views

CVE-2025-46190

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in userdeliveryupdate.php via the orderid POST parameter...

9.8CVSS8.1AI score0.00352EPSS

Exploits0References1

RedhatCVE•added 2025/05/11 12:15 a.m.•16 views

CVE-2025-46189

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in userordercustomerupdate.php via the orderid POST parameter...

9.8CVSS8.1AI score0.00438EPSS

Exploits1References1

RedhatCVE•added 2025/05/11 12:15 a.m.•18 views

CVE-2025-46188

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in superadminphpmyadmin.php...

9.8CVSS8.1AI score0.00564EPSS

Exploits1References1

NVD•added 2025/05/09 5:15 p.m.•25 views

CVE-2025-46190

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in userdeliveryupdate.php via the orderid POST parameter...

9.8CVSS0.00352EPSS

Exploits0References2

NVD•added 2025/05/09 5:15 p.m.•19 views

CVE-2025-46192

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in userpaymentupdate.php via the orderid POST parameter...

9.8CVSS0.00352EPSS

Exploits0References2

OSV•added 2025/05/09 5:15 p.m.•4 views

CVE-2025-46190

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in userdeliveryupdate.php via the orderid POST parameter...

9.8CVSS6AI score0.00352EPSS

Exploits0References2

OSV•added 2025/05/09 5:15 p.m.•4 views

CVE-2025-46192

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in userpaymentupdate.php via the orderid POST parameter...

9.8CVSS6AI score0.00352EPSS

Exploits0References2

NVD•added 2025/05/09 4:15 p.m.•12 views

CVE-2025-46193

SourceCodester Client Database Management System 1.0 is vulnerable to Remote code execution via Arbitrary file upload in userproposalupdateorder.php...

9.8CVSS0.00607EPSS

Exploits0References2

NVD•added 2025/05/09 4:15 p.m.•13 views

CVE-2025-46188

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in superadminphpmyadmin.php...

9.8CVSS0.00564EPSS

Exploits1References2

NVD•added 2025/05/09 4:15 p.m.•13 views

CVE-2025-46189

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in userordercustomerupdate.php via the orderid POST parameter...

9.8CVSS0.00438EPSS

Exploits1References2

OSV•added 2025/05/09 4:15 p.m.•4 views

CVE-2025-46189

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in userordercustomerupdate.php via the orderid POST parameter...

9.8CVSS6AI score0.00438EPSS

Exploits1References2

Cvelist•added 2025/05/09 12:0 a.m.•13 views

CVE-2025-46189

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in userordercustomerupdate.php via the orderid POST parameter...

0.00438EPSS

Exploits1References2

CVE•added 2025/05/09 12:0 a.m.•66 views

CVE-2025-46192

CVE-2025-46192 affects SourceCodester Client Database Management System 1.0. Vulnerable component: user_payment_update.php, where SQL injection is possible via the order_id POST parameter due to improper input handling. Impact per CVSS: high confidentiality, integrity, and availability; overall c...

9.8CVSS8.3AI score0.00352EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2025/05/09 12:0 a.m.•11 views

CVE-2025-46192

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in userpaymentupdate.php via the orderid POST parameter...

7.6AI score0.00352EPSS

Exploits0References2

Cvelist•added 2025/05/09 12:0 a.m.•18 views

CVE-2025-46188

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in superadminphpmyadmin.php...

0.00564EPSS

Exploits1References2