
652 matches found

OSV
added 2024/12/26 8:15 a.m. · 4 views

CVE-2024-12941

A vulnerability was found in CodeAstro Blood Donor Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /pages/deletedannounce.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has...

CVSS 8.8 · AI score 5.8 · EPSS 0.00446
Exploits: 1 · References: 5

NVD
added 2024/12/09 5:15 p.m. · 13 views

CVE-2024-54926

A SQL Injection vulnerability was found in /searchclass.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the schoolyear parameter...

CVSS 9.8 · EPSS 0.00555
Exploits: 1 · References: 1

Positive Technologies
added 2024/12/09 12:0 a.m. · 4 views

PT-2024-36442 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System version 1.0 Description: A SQL injection issue was found in the /admin/edit content.php endpoint, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized access to the database...

CVSS 9.8 · AI score 8.6 · EPSS 0.00571
Exploits: 1 · References: 5

Positive Technologies
added 2024/12/09 12:0 a.m. · 4 views

PT-2024-36440 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System version 1.0 Description: A SQL Injection issue was found in the /admin/edit user.php file, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized access to the database via the...

CVSS 9.8 · AI score 8.6 · EPSS 0.00551
Exploits: 1 · References: 6

Vulnrichment
added 2024/12/09 12:0 a.m. · 11 views

CVE-2024-54921

A SQL Injection was found in /studentsignup.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the username, firstname, lastname, and classid parameters...

AI score 10 · EPSS 0.00571
Exploits: 1 · References: 1

Positive Technologies
added 2024/11/08 12:0 a.m. · 4 views

PT-2024-34342 · Unknown · Elefant Firebird

Name of the Vulnerable Software and Affected Versions: Elefant Firebird database versions prior to 24.03.03 Description: An unauthenticated attacker with access to the local network of a medical office can use known default credentials to gain remote DBA access to the Elefant Firebird database...

CVSS 9.8 · AI score 7.4 · EPSS 0.00676
Exploits: 0 · References: 8

OSV
added 2024/10/15 1:15 p.m. · 4 views

CVE-2024-48280

A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL command via the fromdate parameter in a POST HTTP request...

CVSS 7.6 · AI score 6.1 · EPSS 0.0045
Exploits: 1 · References: 1

Positive Technologies
added 2024/10/15 12:0 a.m. · 2 views

PT-2024-33068 · Unknown · Phpgurukul User Registration & Login/User Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul User Registration & Login and User Management System version 3.2 Description: A SQL Injection issue was found in the /password-recovery.php file, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized...

CVSS 7.6 · AI score 9.4 · EPSS 0.00411
Exploits: 1 · References: 5

Positive Technologies
added 2024/10/15 12:0 a.m. · 6 views

PT-2024-39974 · Code Projects · Code-Projects Pharmacy Management System

Name of the Vulnerable Software and Affected Versions: code-projects Pharmacy Management System version 1.0 Description: A critical issue has been discovered, affecting the file /php/manage customer.php. The manipulation of the text argument leads to SQL injection. This issue can be exploited...

CVSS 9.8 · AI score 7.1 · EPSS 0.00501
Exploits: 1 · References: 8

Positive Technologies
added 2024/10/10 12:0 a.m. · 7 views

PT-2024-39840 · Unknown · Lylme Spage

Name of the Vulnerable Software and Affected Versions: LyLme spage version 1.9.5 Description: A critical issue affects the processing of the file /admin/apply.php. The manipulation of the id argument leads to SQL injection. The attack can be initiated remotely. Recommendations: For LyLme spage...

CVSS 7.2 · AI score 5.9 · EPSS 0.00547
Exploits: 1 · References: 9

Positive Technologies
added 2024/09/29 12:0 a.m. · 4 views

PT-2024-39577 · Sourcecodester · Sourcecodester Advocate Office Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Advocate Office Management System version 1.0 Description: A critical issue affects the processing of the file /control/edit client.php, where the manipulation of the id argument leads to SQL injection. The attack can be...

CVSS 9.8 · AI score 7.1 · EPSS 0.00595
Exploits: 1 · References: 10

OSV
added 2024/08/06 3:15 a.m. · 3 views

CVE-2024-7499

A vulnerability was found in itsourcecode Airline Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file flights.php. The manipulation of the argument departureairportid leads to sql injection. The attack can be launched...

CVSS 9.8 · AI score 5.7 · EPSS 0.00551
Exploits: 1 · References: 4

OSV
added 2024/07/31 1:15 a.m. · 4 views

CVE-2024-7278

A vulnerability was found in itsourcecode Alton Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/teamsave.php. The manipulation of the argument team leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...

CVSS 7.2 · AI score 5.7 · EPSS 0.00461
Exploits: 1 · References: 4

BDU FSTEC
added 2024/07/25 12:0 a.m. · 4 views

The vulnerability of the templateadd.php file in the Tailoring Management System allows a malicious individual to execute arbitrary SQL code, gain unauthorized access to read, modify, or delete data, or cause service interruptions.

The vulnerability of the templateadd.php file in the Tailoring Management System relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary SQL code, gain unauthorized access to read, modify, ...

CVSS 6.5 · AI score 7 · EPSS 0.0061
Exploits: 1 · References: 3 · Affected Software: 1

OSV
added 2024/05/20 8:15 a.m. · 4 views

CVE-2024-5134

A vulnerability was found in SourceCodester Electricity Consumption Monitoring Tool 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-bill.php. The manipulation of the argument bill leads to sql injection. The attack can be initiated...

CVSS 9.8 · AI score 6.5 · EPSS 0.00579
Exploits: 1 · References: 4

OSV
added 2024/05/20 12:15 a.m. · 3 views

CVE-2024-5107

A vulnerability, which was classified as critical, has been found in Campcodes Complete Web-Based School Management System 1.0. This issue affects some unknown processing of the file /view/studentpaymentdetails2.php. The manipulation of the argument index leads to sql injection. The attack may be...

CVSS 6.5 · AI score 6.4 · EPSS 0.00407
Exploits: 1 · References: 4

NVD
added 2024/05/16 4:15 p.m. · 15 views

CVE-2024-4609

A vulnerability exists in the Rockwell Automation FactoryTalk® View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack could result in...

CVSS 9.8 · AI score 6.9 · EPSS 0.00652
Exploits: 0 · References: 1

OSV
added 2024/05/16 4:15 p.m. · 5 views

CVE-2024-4609

A vulnerability exists in the Rockwell Automation FactoryTalk® View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack could result in...

CVSS 9.8 · AI score 5.8 · EPSS 0.00652
Exploits: 0 · References: 1

Vulnrichment
added 2024/05/16 3:13 p.m. · 14 views

CVE-2024-4609 Rockwell Automation Datalog Function within in FactoryTalk® View SE contains SQL Injection Vulnerability

A vulnerability exists in the Rockwell Automation FactoryTalk® View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack could result in...

CVSS 8.8 · AI score 7.3 · EPSS 0.00652
Exploits: 0 · References: 1

Cvelist
added 2024/05/16 3:13 p.m. · 28 views

CVE-2024-4609 Rockwell Automation Datalog Function within in FactoryTalk® View SE contains SQL Injection Vulnerability

A vulnerability exists in the Rockwell Automation FactoryTalk® View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack could result in...

CVSS 8.8 · AI score 7.2 · EPSS 0.00652
Exploits: 0 · References: 1