Total
16207 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-34932 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in /model/update_exam.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter. | |||||
| CVE-2024-34933 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 6.3 MEDIUM |
| A SQL injection vulnerability in /model/update_grade.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the admission_fee parameter. | |||||
| CVE-2024-34934 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in /view/emarks_range_grade_update_form.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversation_id parameter. | |||||
| CVE-2024-34935 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in /view/conversation_history_admin.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversation_id parameter. | |||||
| CVE-2024-34936 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 8.6 HIGH |
| A SQL injection vulnerability in /view/event1.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the month parameter. | |||||
| CVE-2024-33799 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in /model/get_teacher.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2024-33800 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in /model/get_student1.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter. | |||||
| CVE-2024-33801 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in /model/get_subject_routing.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2024-33802 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 6.5 MEDIUM |
| A SQL injection vulnerability in /model/get_student_subject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter. | |||||
| CVE-2024-33803 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 5.4 MEDIUM |
| A SQL injection vulnerability in /model/get_exam.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2024-33804 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 6.3 MEDIUM |
| A SQL injection vulnerability in /model/get_subject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2024-33805 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in /model/get_student.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2024-33806 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in /model/get_grade.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2024-33807 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 5.4 MEDIUM |
| A SQL injection vulnerability in /model/get_teacher_timetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter. | |||||
| CVE-2024-33808 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in /model/get_timetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2024-33402 | 1 Campcodes | 1 Complete Web-based School Management System | 2025-03-25 | N/A | 8.1 HIGH |
| A SQL injection vulnerability in /model/approve_petty_cash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2023-52155 | 1 Sigb | 1 Pmb | 2025-03-25 | N/A | 7.2 HIGH |
| A SQL Injection vulnerability in /admin/sauvegarde/run.php in PMB 7.4.7 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via the sauvegardes variable through the /admin/sauvegarde/run.php endpoint. | |||||
| CVE-2023-52153 | 1 Sigb | 1 Pmb | 2025-03-25 | N/A | 9.8 CRITICAL |
| A SQL Injection vulnerability in /pmb/opac_css/includes/sessions.inc.php in PMB 7.4.7 and earlier allows remote unauthenticated attackers to inject arbitrary SQL commands via the PmbOpac-LOGIN cookie value. | |||||
| CVE-2023-51828 | 1 Sigb | 1 Pmb | 2025-03-25 | N/A | 9.8 CRITICAL |
| A SQL Injection vulnerability in /admin/convert/export.class.php in PMB 7.4.7 and earlier versions allows remote unauthenticated attackers to execute arbitrary SQL commands via the query parameter in get_next_notice function. | |||||
| CVE-2023-38844 | 1 Sigb | 1 Pmb | 2025-03-25 | N/A | 7.5 HIGH |
| SQL injection vulnerability in PMB v.7.4.7 and earlier allows a remote attacker to execute arbitrary code via the thesaurus parameter in export_skos.php. | |||||