Total
17581 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-1747 | 1 Ibos | 1 Ibos | 2025-02-12 | 6.3 Medium |
| A vulnerability has been found in IBOS up to 4.5.4 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /?r=email/api/mark&op=delFromSend. The manipulation of the argument emailids leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.5.5 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-224635. | ||||
| CVE-2024-24772 | 1 Apache | 1 Superset | 2025-02-12 | 4.3 Medium |
| A guest user could exploit a chart data REST API and send arbitrary SQL statements that on error could leak information from the underlying analytics database.This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1. Users are recommended to upgrade to version 3.1.1 or 3.0.4, which fixes the issue. | ||||
| CVE-2024-1702 | 1 Keerti1924 | 1 Php Mysql User Signup Login System | 2025-02-12 | 6.3 Medium |
| A vulnerability was found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /edit.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-254390 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-1494 | 1 Ibos | 1 Ibos | 2025-02-11 | 6.3 Medium |
| A vulnerability classified as critical has been found in IBOS 4.5.5. Affected is an unknown function of the file ApiController.php. The manipulation of the argument emailids leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223380. | ||||
| CVE-2023-1675 | 1 School Registration And Fee System Project | 1 School Registration And Fee System | 2025-02-11 | 6.3 Medium |
| A vulnerability was found in SourceCodester School Registration and Fee System 1.0. It has been classified as critical. Affected is an unknown function of the file /bilal final/edit_stud.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224232. | ||||
| CVE-2020-36073 | 1 Tailor Management System Project | 1 Tailor Management System | 2025-02-11 | 8.8 High |
| SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the detail parameter of the document.php page. | ||||
| CVE-2023-1737 | 1 Young Entrepreneur E-negosyo System Project | 1 Young Entrepreneur E-negosyo System | 2025-02-11 | 7.3 High |
| A vulnerability, which was classified as critical, was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument U_USERNAME leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-224625 was assigned to this vulnerability. | ||||
| CVE-2023-1735 | 1 Young Entrepreneur E-negosyo System Project | 1 Young Entrepreneur E-negosyo System | 2025-02-11 | 6.3 Medium |
| A vulnerability classified as critical was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected by this vulnerability is an unknown functionality of the file passwordrecover.php. The manipulation of the argument phonenumber leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-224623. | ||||
| CVE-2024-4807 | 1 Lopalopa | 1 College Management System | 2025-02-11 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in Kashipara College Management System 1.0. This issue affects some unknown processing of the file delete_user.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-263927. | ||||
| CVE-2024-4905 | 1 Lopalopa | 1 College Management System | 2025-02-11 | 6.3 Medium |
| A vulnerability classified as critical has been found in Kashipara College Management System 1.0. Affected is an unknown function of the file view_students_each_detail.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-264438 is the identifier assigned to this vulnerability. | ||||
| CVE-2024-4808 | 1 Lopalopa | 1 College Management System | 2025-02-11 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in Kashipara College Management System 1.0. Affected is an unknown function of the file delete_faculty.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-263928. | ||||
| CVE-2024-4799 | 1 Lopalopa | 1 College Management System | 2025-02-11 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in Kashipara College Management System 1.0. This affects an unknown part of the file view_each_faculty.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-263919. | ||||
| CVE-2024-4800 | 1 Lopalopa | 1 College Management System | 2025-02-11 | 6.3 Medium |
| A vulnerability has been found in Kashipara College Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file submit_student.php. The manipulation of the argument date_of_birth leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-263920. | ||||
| CVE-2024-4801 | 1 Lopalopa | 1 College Management System | 2025-02-11 | 6.3 Medium |
| A vulnerability was found in Kashipara College Management System 1.0 and classified as critical. This issue affects some unknown processing of the file submit_new_faculty.php. The manipulation of the argument address leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263921 was assigned to this vulnerability. | ||||
| CVE-2024-4802 | 1 Lopalopa | 1 College Management System | 2025-02-11 | 6.3 Medium |
| A vulnerability was found in Kashipara College Management System 1.0. It has been classified as critical. Affected is an unknown function of the file submit_extracurricular_activity.php. The manipulation of the argument activity_datetime leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-263922 is the identifier assigned to this vulnerability. | ||||
| CVE-2024-4803 | 1 Lopalopa | 1 College Management System | 2025-02-11 | 6.3 Medium |
| A vulnerability was found in Kashipara College Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file submit_admin.php. The manipulation of the argument phone leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-263923. | ||||
| CVE-2024-4804 | 1 Lopalopa | 1 College Management System | 2025-02-11 | 6.3 Medium |
| A vulnerability was found in Kashipara College Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file edit_user.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-263924. | ||||
| CVE-2024-4805 | 1 Lopalopa | 1 College Management System | 2025-02-11 | 6.3 Medium |
| A vulnerability classified as critical has been found in Kashipara College Management System 1.0. This affects an unknown part of the file edit_faculty.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263925 was assigned to this vulnerability. | ||||
| CVE-2024-4806 | 1 Lopalopa | 1 College Management System | 2025-02-11 | 6.3 Medium |
| A vulnerability classified as critical was found in Kashipara College Management System 1.0. This vulnerability affects unknown code of the file each_extracurricula_activities.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-263926 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-28843 | 1 202-ecommerce | 1 Paypal | 2025-02-11 | 9.8 Critical |
| PrestaShop/paypal is an open source module for the PrestaShop web commerce ecosystem which provides paypal payment support. A SQL injection vulnerability found in the PrestaShop paypal module from release from 3.12.0 to and including 3.16.3 allow a remote attacker to gain privileges, modify data, and potentially affect system availability. The cause of this issue is that SQL queries were being constructed with user input which had not been properly filtered. Only deployments on PrestaShop 1.6 are affected. Users are advised to upgrade to module version 3.16.4. There are no known workarounds for this vulnerability. | ||||