Total
17599 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-34933 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | 6.3 Medium |
| A SQL injection vulnerability in /model/update_grade.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the admission_fee parameter. | ||||
| CVE-2024-34934 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | 9.8 Critical |
| A SQL injection vulnerability in /view/emarks_range_grade_update_form.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversation_id parameter. | ||||
| CVE-2024-34935 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | 9.8 Critical |
| A SQL injection vulnerability in /view/conversation_history_admin.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversation_id parameter. | ||||
| CVE-2024-34936 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | 8.6 High |
| A SQL injection vulnerability in /view/event1.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the month parameter. | ||||
| CVE-2024-33799 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | 9.8 Critical |
| A SQL injection vulnerability in /model/get_teacher.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2024-33800 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | 9.8 Critical |
| A SQL injection vulnerability in /model/get_student1.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter. | ||||
| CVE-2024-33801 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | 9.8 Critical |
| A SQL injection vulnerability in /model/get_subject_routing.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2024-33802 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | 6.5 Medium |
| A SQL injection vulnerability in /model/get_student_subject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter. | ||||
| CVE-2024-33803 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | 5.4 Medium |
| A SQL injection vulnerability in /model/get_exam.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2024-33804 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | 6.3 Medium |
| A SQL injection vulnerability in /model/get_subject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2024-33805 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | 9.8 Critical |
| A SQL injection vulnerability in /model/get_student.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2024-33806 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | 9.8 Critical |
| A SQL injection vulnerability in /model/get_grade.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2024-33807 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | 5.4 Medium |
| A SQL injection vulnerability in /model/get_teacher_timetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter. | ||||
| CVE-2024-33808 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | 9.8 Critical |
| A SQL injection vulnerability in /model/get_timetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2024-33402 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | 8.1 High |
| A SQL injection vulnerability in /model/approve_petty_cash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2023-52155 | 1 Sigb | 1 Pmb | 2025-03-25 | 7.2 High |
| A SQL Injection vulnerability in /admin/sauvegarde/run.php in PMB 7.4.7 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via the sauvegardes variable through the /admin/sauvegarde/run.php endpoint. | ||||
| CVE-2023-52153 | 1 Sigb | 1 Pmb | 2025-03-25 | 9.8 Critical |
| A SQL Injection vulnerability in /pmb/opac_css/includes/sessions.inc.php in PMB 7.4.7 and earlier allows remote unauthenticated attackers to inject arbitrary SQL commands via the PmbOpac-LOGIN cookie value. | ||||
| CVE-2023-51828 | 1 Sigb | 1 Pmb | 2025-03-25 | 9.8 Critical |
| A SQL Injection vulnerability in /admin/convert/export.class.php in PMB 7.4.7 and earlier versions allows remote unauthenticated attackers to execute arbitrary SQL commands via the query parameter in get_next_notice function. | ||||
| CVE-2023-38844 | 1 Sigb | 1 Pmb | 2025-03-25 | 7.5 High |
| SQL injection vulnerability in PMB v.7.4.7 and earlier allows a remote attacker to execute arbitrary code via the thesaurus parameter in export_skos.php. | ||||
| CVE-2023-37177 | 1 Sigb | 1 Pmb | 2025-03-25 | 9.8 Critical |
| SQL Injection vulnerability in PMB Services PMB v.7.4.7 and before allows a remote unauthenticated attacker to execute arbitrary code via the query parameter in the /admin/convert/export_z3950.php endpoint. | ||||