13545 matches found
CVE-2024-30985
SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters...
CVE-2024-22719
SQL Injection vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary SQL commands via the 'keyword' when searching for a client...
CVE-2024-28595
SQL Injection vulnerability in Employee Management System v1.0 allows attackers to run arbitrary SQL commands via the adminid parameter in update-admin.php...
CVE-2024-25866
A SQL Injection vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary SQL commands via the email parameter in the index.php component...
CVE-2024-25248
SQL Injection vulnerability in the orderGoodsDelivery function in Niushop B2B2C V5 allows attackers to run arbitrary SQL commands via the orderid parameter...
CVE-2024-25247
SQL Injection vulnerability in /app/api/controller/Store.php in Niushop B2B2C V5 allows attackers to run arbitrary SQL commands via latitude and longitude parameters...
CVE-2024-25867
A SQL Injection vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary SQL commands via the membershipType and membershipAmount parameters in the addtype.php component...
CVE-2024-25351
SQL Injection vulnerability in /zms/admin/changeimage.php in PHPGurukul Zoo Management System 1.0 allows attackers to run arbitrary SQL commands via the editid parameter...
CVE-2024-23763
SQL Injection vulnerability in Gambio through 4.9.2.0 allows attackers to run arbitrary SQL commands via crafted GET request using modifiersattribute parameter...
CVE-2024-24027
SQL Injection vulnerability in Likeshop before 2.5.7 allows attackers to run abitrary SQL commands via the function DistributionMemberLogic::getFansLists...
CVE-2024-24110
SQL Injection vulnerability in crmebjava before v1.3.4 allows attackers to run arbitrary SQL commands via crafted GET request to the component /api/front/spread/people...
CVE-2024-50972
A SQL injection vulnerability in printtool.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the borrowid parameter...
CVE-2024-40479
A SQL injection vulnerability in "/admin/quizquestion.php" in Kashipara Online Exam System v1.0 allows remote attackers to execute arbitrary SQL commands via the "eid" parameter...
CVE-2024-33405
SQL injection vulnerability in addfriends.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the friendindex parameter...
CVE-2024-33404
A SQL injection vulnerability in /model/addstudentfirstpayment.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the index parameter...
CVE-2024-33408
A SQL injection vulnerability in /model/getclassroom.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter...
CVE-2024-33409
SQL injection vulnerability in index.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the name parameter...
CVE-2024-33410
SQL injection vulnerability in /model/deleterangegrade.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter...
CVE-2024-33406
SQL injection vulnerability in /model/deletestudentgradesubject.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the index parameter...
CVE-2024-42782
A SQL injection vulnerability in "/music/ajax.php?action=findmusic" in Kashipara Music Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "search" parameter...