Total
17599 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-4422 | 1 Bulutses | 1 Bulutdesk Callcenter | 2025-04-08 | 9.8 Critical |
| Call Center System developed by Bulutses Information Technologies before version 3.0 has an unauthenticated Sql Injection vulnerability. This has been fixed in the version 3.0 | ||||
| CVE-2022-40615 | 2 Ibm, Linux | 2 Sterling Partner Engagement Manager, Linux Kernel | 2025-04-08 | 6.3 Medium |
| IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 236208. | ||||
| CVE-2025-25914 | 1 Carmelo | 1 Online Exam Mastering System | 2025-04-08 | 9.8 Critical |
| SQL injection vulnerability in Online Exam Mastering System v.1.0 allows a remote attacker to execute arbitrary code via the fid parameter | ||||
| CVE-2024-25428 | 1 Mrcms | 1 Mrcms | 2025-04-08 | 6.5 Medium |
| SQL Injection vulnerability in MRCMS v3.1.2 allows attackers to run arbitrary system commands via the status parameter. | ||||
| CVE-2025-2385 | 1 Code-projects | 1 Modern Bag | 2025-04-07 | 7.3 High |
| A vulnerability has been found in code-projects Modern Bag 1.0 and classified as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument userEmail/userPassword leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2022-48090 | 1 Hotel Management System Project | 1 Hotel Management System | 2025-04-07 | 6.5 Medium |
| Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to SQL Injection via /app/dao/CustomerDAO.php. | ||||
| CVE-2022-46956 | 1 Dynamic Transaction Queuing System Project | 1 Dynamic Transaction Queuing System | 2025-04-07 | 7.2 High |
| Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/manage_user.php. | ||||
| CVE-2022-46955 | 1 Dynamic Transaction Queuing System Project | 1 Dynamic Transaction Queuing System | 2025-04-07 | 9.8 Critical |
| Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=save_queue. | ||||
| CVE-2022-46953 | 1 Dynamic Transaction Queuing System Project | 1 Dynamic Transaction Queuing System | 2025-04-07 | 7.2 High |
| Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=save_window. | ||||
| CVE-2022-46950 | 1 Dynamic Transaction Queuing System Project | 1 Dynamic Transaction Queuing System | 2025-04-07 | 7.2 High |
| Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=delete_window. | ||||
| CVE-2022-46093 | 1 Hospital Management System Project | 1 Hospital Management System | 2025-04-07 | 8.2 High |
| Hospital Management System v1.0 is vulnerable to SQL Injection. Attackers can gain administrator privileges without the need for a password. | ||||
| CVE-2023-22959 | 1 Webchess Project | 1 Webchess | 2025-04-07 | 8.8 High |
| WebChess through 0.9.0 and 1.0.0.rc2 allows SQL injection: mainmenu.php, chess.php, and opponentspassword.php (txtFirstName, txtLastName). | ||||
| CVE-2022-46954 | 1 Dynamic Transaction Queuing System Project | 1 Dynamic Transaction Queuing System | 2025-04-07 | 9.8 Critical |
| Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=delete_transaction. | ||||
| CVE-2022-46949 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-07 | 7.2 High |
| Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_helmet. | ||||
| CVE-2022-46947 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-07 | 7.2 High |
| Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_category. | ||||
| CVE-2022-46946 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-07 | 7.2 High |
| Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_brand. | ||||
| CVE-2022-46502 | 1 Online Student Enrollment System Project | 1 Online Student Enrollment System | 2025-04-07 | 9.8 Critical |
| Online Student Enrollment System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at /student_enrollment/admin/login.php. | ||||
| CVE-2022-46471 | 1 Online Health Care System Project | 1 Online Health Care System | 2025-04-07 | 9.8 Critical |
| Online Health Care System v1.0 was discovered to contain a SQL injection vulnerability via the consulting_id parameter at /healthcare/Admin/consulting_detail.php. | ||||
| CVE-2025-0298 | 1 Code-projects | 1 Online Book Shop | 2025-04-07 | 6.3 Medium |
| A vulnerability was found in code-projects Online Book Shop 1.0. It has been rated as critical. This issue affects some unknown processing of the file /process_login.php. The manipulation of the argument usernm leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-0299 | 1 Code-projects | 1 Online Book Shop | 2025-04-07 | 6.3 Medium |
| A vulnerability classified as critical has been found in code-projects Online Book Shop 1.0. Affected is an unknown function of the file /search_result.php. The manipulation of the argument s leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||