Total
11922 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-31821 | 2024-07-03 | N/A | 8.0 HIGH | ||
| SQL Injection vulnerability in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote attacker to execute arbitrary code via the manageQuantitiesAndProcurement method of the Orders_model.php component. | |||||
| CVE-2024-31750 | 2024-07-03 | N/A | 9.8 CRITICAL | ||
| SQL injection vulnerability in f-logic datacube3 v.1.0 allows a remote attacker to obtain sensitive information via the req_id parameter. | |||||
| CVE-2024-31547 | 2024-07-03 | N/A | 9.1 CRITICAL | ||
| Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/item/view_item.php. | |||||
| CVE-2024-31546 | 2024-07-03 | N/A | 9.8 CRITICAL | ||
| Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/damage/view_damage.php. | |||||
| CVE-2024-31545 | 2024-07-03 | N/A | 9.4 CRITICAL | ||
| Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/?page=user/manage_user&id=6. | |||||
| CVE-2024-30990 | 2024-07-03 | N/A | 9.8 CRITICAL | ||
| SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "searchdata" parameter. | |||||
| CVE-2024-30985 | 2024-07-03 | N/A | 9.8 CRITICAL | ||
| SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters. | |||||
| CVE-2024-30983 | 2024-07-03 | N/A | 7.3 HIGH | ||
| SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the compname parameter in /edit-computer-detail.php file. | |||||
| CVE-2024-30982 | 2024-07-03 | N/A | 9.8 CRITICAL | ||
| SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the upid parameter in the /view-user-detail.php file. | |||||
| CVE-2024-30981 | 2024-07-03 | N/A | N/A | ||
| SQL Injection vulnerability in /edit-computer-detail.php in phpgurukul Cyber Cafe Management System Using PHP & MySQL v1.0 allows attackers to run arbitrary SQL commands via editid in the application URL. | |||||
| CVE-2024-30974 | 2024-07-03 | N/A | 7.3 HIGH | ||
| SQL Injection vulnerability in autoexpress v.1.3.0 allows attackers to run arbitrary SQL commands via the carId parameter. | |||||
| CVE-2024-30938 | 2024-07-03 | N/A | 9.8 CRITICAL | ||
| SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to obtain sensitive information via the ID parameter in the SEMCMS_User.php component. | |||||
| CVE-2024-30928 | 2024-07-03 | N/A | 8.1 HIGH | ||
| SQL Injection vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary SQL commands via 'classids' Parameter in ajax/query.slide.next.inc | |||||
| CVE-2024-30862 | 2024-07-03 | N/A | 8.8 HIGH | ||
| netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /3g/index.php. | |||||
| CVE-2024-29846 | 2024-07-03 | N/A | 8.4 HIGH | ||
| An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | |||||
| CVE-2024-29830 | 2024-07-03 | N/A | 8.4 HIGH | ||
| An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | |||||
| CVE-2024-29829 | 2024-07-03 | N/A | 8.4 HIGH | ||
| An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code. | |||||
| CVE-2024-29827 | 2024-07-03 | N/A | 9.6 CRITICAL | ||
| An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. | |||||
| CVE-2024-29826 | 2024-07-03 | N/A | 9.6 CRITICAL | ||
| An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. | |||||
| CVE-2024-29825 | 2024-07-03 | N/A | 9.6 CRITICAL | ||
| An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. | |||||