Total
19555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-45321 | 1 Lopalopa | 1 Online Service Management Portal | 2026-06-17 | N/A | 8.8 HIGH |
| kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in /osms/Requester/Requesterchangepass.php via the parameter: rPassword. | |||||
| CVE-2025-45240 | 1 Qianfox | 1 Foxcms | 2026-06-17 | N/A | 6.5 MEDIUM |
| foxcms v1.2.5 was discovered to contain a SQL injection vulnerability via the executeCommand method in DataBackup.php. | |||||
| CVE-2025-45065 | 2026-06-17 | N/A | 9.8 CRITICAL | ||
| employee record management system in php and mysql v1 was discovered to contain a SQL injection vulnerability via the loginerms.php endpoint. | |||||
| CVE-2025-45021 | 1 Phpgurukul | 1 Directory Management System | 2026-06-17 | N/A | 5.3 MEDIUM |
| A SQL Injection vulnerability was identified in the admin/edit-directory.php file of the PHPGurukul Directory Management System v2.0. Attackers can exploit this vulnerability via the email parameter in a POST request to execute arbitrary SQL commands. | |||||
| CVE-2025-45020 | 1 Phpgurukul | 1 Park Ticketing Management System | 2026-06-17 | N/A | 7.2 HIGH |
| A SQL Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the todate parameter in a POST request. | |||||
| CVE-2025-45019 | 1 Phpgurukul | 1 Park Ticketing Management System | 2026-06-17 | N/A | 5.4 MEDIUM |
| A SQL injection vulnerability was discovered in /add-foreigners-ticket.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the cprice POST request parameter. | |||||
| CVE-2025-45018 | 1 Phpgurukul | 1 Park Ticketing Management System | 2026-06-17 | N/A | 9.8 CRITICAL |
| A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the todate parameter. | |||||
| CVE-2025-45017 | 1 Phpgurukul | 1 Park Ticketing Management System | 2026-06-17 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability was discovered in edit-ticket.php of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the tprice POST request parameter. | |||||
| CVE-2025-44831 | 1 Engineercms Project | 1 Engineercms | 2026-06-17 | N/A | 9.8 CRITICAL |
| EngineerCMS v1.02 through v2.0.5 has a SQL injection vulnerability in the /project/addproject interface. | |||||
| CVE-2025-44830 | 1 Engineercms Project | 1 Engineercms | 2026-06-17 | N/A | 9.8 CRITICAL |
| EngineerCMS v1.02 through v.2.0.5 has a SQL injection vulnerability in the /project/addprojtemplet interface. | |||||
| CVE-2025-44608 | 1 Vishalmathur | 1 Cloudclassroom-php Project | 2026-06-17 | N/A | 6.5 MEDIUM |
| CloudClassroom-PHP Project v1.0 was discovered to contain a SQL injection vulnerability via the viewid parameter. | |||||
| CVE-2025-44194 | 1 Oretnom23 | 1 Simple Barangay Management System | 2026-06-17 | N/A | 7.3 HIGH |
| SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_household. | |||||
| CVE-2025-44193 | 1 Oretnom23 | 1 Simple Barangay Management System | 2026-06-17 | N/A | 7.6 HIGH |
| SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_complaint. | |||||
| CVE-2025-44192 | 1 Oretnom23 | 1 Simple Barangay Management System | 2026-06-17 | N/A | 9.8 CRITICAL |
| SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_clearance. | |||||
| CVE-2025-44135 | 1 Code-projects | 1 Online Class And Exam Scheduling System | 2026-06-17 | N/A | 6.5 MEDIUM |
| A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0 in /Scheduling/pages/profile_update.php. Manipulating the parameter username will cause SQL injection attacks. | |||||
| CVE-2025-44134 | 1 Code-projects | 1 Online Class And Exam Scheduling System | 2026-06-17 | N/A | 6.5 MEDIUM |
| A vulnerability was found in Code-Projects Online Class and Exam Scheduling System 1.0 in the file /Scheduling/pages/class_save.php. Manipulation of parameter class will lead to SQL injection attacks. | |||||
| CVE-2025-44074 | 1 Seacms | 1 Seacms | 2026-06-17 | N/A | 9.8 CRITICAL |
| SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_topic.php. | |||||
| CVE-2025-44073 | 1 Seacms | 1 Seacms | 2026-06-17 | N/A | 9.8 CRITICAL |
| SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_comment_news.php. | |||||
| CVE-2025-44072 | 1 Seacms | 1 Seacms | 2026-06-17 | N/A | 9.8 CRITICAL |
| SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_manager.php. | |||||
| CVE-2025-44034 | 1 Aaluoxiang | 1 Oa System | 2026-06-17 | N/A | 8.0 HIGH |
| SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the alph parameters in src/main/Java/cn/gson/oasys/controller/address/AddrController | |||||
