Total
16419 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-0466 | 1 Code-projects | 1 Employee Profile Management System | 2024-11-21 | 5.5 Medium |
| A vulnerability, which was classified as critical, has been found in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file file_table.php. The manipulation of the argument per_id leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250571. | ||||
| CVE-2024-0462 | 1 Fabianros | 1 Online Faculty Clearance System | 2024-11-21 | 6.3 Medium |
| A vulnerability was found in code-projects Online Faculty Clearance 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /production/designee_view_status.php of the component HTTP POST Request Handler. The manipulation of the argument haydi leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250567. | ||||
| CVE-2024-0360 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.5 Medium |
| A vulnerability was found in PHPGurukul Hospital Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin/edit-doctor-specialization.php. The manipulation of the argument doctorspecilization leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250127. | ||||
| CVE-2024-0277 | 1 Kashipara | 1 Food Management System | 2024-11-21 | 6.3 Medium |
| A vulnerability classified as critical was found in Kashipara Food Management System up to 1.0. This vulnerability affects unknown code of the file party_submit.php. The manipulation of the argument party_name leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249832. | ||||
| CVE-2024-0275 | 1 Kashipara | 1 Food Management System | 2024-11-21 | 6.3 Medium |
| A vulnerability was found in Kashipara Food Management System up to 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file item_edit_submit.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-249830 is the identifier assigned to this vulnerability. | ||||
| CVE-2024-0270 | 1 Kashipara | 1 Food Management System | 2024-11-21 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in Kashipara Food Management System up to 1.0. This affects an unknown part of the file item_list_submit.php. The manipulation of the argument item_name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249825 was assigned to this vulnerability. | ||||
| CVE-2024-0269 | 1 Zohocorp | 1 Manageengine Adaudit Plus | 2024-11-21 | 8.3 High |
| ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in File-Summary DrillDown. This issue has been fixed and released in version 7271. | ||||
| CVE-2024-0253 | 1 Zohocorp | 1 Manageengine Adaudit Plus | 2024-11-21 | 8.3 High |
| ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in home Graph-Data. | ||||
| CVE-2024-0247 | 1 Online Food Ordering System Project | 1 Online Food Ordering System | 2024-11-21 | 7.3 High |
| A vulnerability classified as critical was found in CodeAstro Online Food Ordering System 1.0. This vulnerability affects unknown code of the file /admin/ of the component Admin Panel. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249778 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-7190 | 1 S-cms | 1 S-cms | 2024-11-21 | 5.5 Medium |
| A vulnerability, which was classified as critical, has been found in S-CMS up to 2.0_build20220529-20231006. Affected by this issue is some unknown functionality of the file /member/ad.php?action=ad. The manipulation of the argument A_text/A_url/A_contact leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249392. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-7189 | 1 S-cms | 1 S-cms | 2024-11-21 | 5.5 Medium |
| A vulnerability classified as critical was found in S-CMS up to 2.0_build20220529-20231006. Affected by this vulnerability is an unknown functionality of the file /s/index.php?action=statistics. The manipulation of the argument lid leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249391. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-7188 | 1 Fahuo100 | 1 Fahuo100 | 2024-11-21 | 5 Medium |
| A vulnerability classified as critical has been found in Shipping 100 Fahuo100 up to 1.1. Affected is an unknown function of the file member/login.php. The manipulation of the argument M_pwd leads to sql injection. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. VDB-249390 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-7186 | 1 7-card | 1 Fakabao | 2024-11-21 | 5.5 Medium |
| A vulnerability was found in 7-card Fakabao up to 1.0_build20230805. It has been declared as critical. This vulnerability affects unknown code of the file member/notify.php. The manipulation of the argument out_trade_no leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249388. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-7185 | 1 7-card | 1 Fakabao | 2024-11-21 | 5.5 Medium |
| A vulnerability was found in 7-card Fakabao up to 1.0_build20230805. It has been classified as critical. This affects an unknown part of the file shop/wxpay_notify.php. The manipulation of the argument out_trade_no leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249387. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-7184 | 1 7-card | 1 Fakabao | 2024-11-21 | 5.5 Medium |
| A vulnerability was found in 7-card Fakabao up to 1.0_build20230805 and classified as critical. Affected by this issue is some unknown functionality of the file shop/notify.php. The manipulation of the argument out_trade_no leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-249386 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-7179 | 1 Online College Library System Project | 1 Online College Library System | 2024-11-21 | 4.7 Medium |
| A vulnerability, which was classified as critical, was found in Campcodes Online College Library System 1.0. Affected is an unknown function of the file /admin/category_row.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249366 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-7178 | 1 Online College Library System Project | 1 Online College Library System | 2024-11-21 | 4.7 Medium |
| A vulnerability, which was classified as critical, has been found in Campcodes Online College Library System 1.0. This issue affects some unknown processing of the file /admin/book_row.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249365 was assigned to this vulnerability. | ||||
| CVE-2023-7177 | 1 Online College Library System Project | 1 Online College Library System | 2024-11-21 | 4.7 Medium |
| A vulnerability classified as critical was found in Campcodes Online College Library System 1.0. This vulnerability affects unknown code of the file /admin/book_add.php of the component HTTP POST Request Handler. The manipulation of the argument category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249364. | ||||
| CVE-2023-7176 | 1 Online College Library System Project | 1 Online College Library System | 2024-11-21 | 4.7 Medium |
| A vulnerability classified as critical has been found in Campcodes Online College Library System 1.0. This affects an unknown part of the file /admin/return_add.php of the component HTTP POST Request Handler. The manipulation of the argument student leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249363. | ||||
| CVE-2023-7172 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the component Admin Dashboard. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249356. | ||||