Total
15601 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-29288 | 1 Adrianmercurio | 1 Gym Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
An SQL injection vulnerability was discovered in Gym Management System. In the manage_user.php file, the GET parameter 'id' is vulnerable. | |||||
CVE-2020-29287 | 1 Car Rental Management System Project | 1 Car Rental Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
An SQL injection vulnerability was discovered in Car Rental Management System v1.0 that can be exploited via the id parameter in view_car.php or the car_id parameter in booking.php. | |||||
CVE-2020-29285 | 1 Point Of Sales In Php/pdo Project | 1 Point Of Sales In Php/pdo | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to edit_category.php. | |||||
CVE-2020-29284 | 1 Multi Restaurant Table Reservation System Project | 1 Multi Restaurant Table Reservation System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the table_id parameter which allows unauthenticated SQL Injection. An attacker can send malicious input in the GET request to /dashboard/view-chair-list.php?table_id= to trigger the vulnerability. | |||||
CVE-2020-29283 | 1 Online Doctor Appointment Booking System Php And Mysql Project | 1 Online Doctor Appointment Booking System Php And Mysql | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
An SQL injection vulnerability was discovered in Online Doctor Appointment Booking System PHP and Mysql via the q parameter to getuser.php. | |||||
CVE-2020-29282 | 1 Bloodx Project | 1 Bloodx | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
SQL injection vulnerability in BloodX 1.0 allows attackers to bypass authentication. | |||||
CVE-2020-29280 | 1 Victor Cms Project | 1 Victor Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The Victor CMS v1.0 application is vulnerable to SQL injection via the 'search' parameter on the search.php page. | |||||
CVE-2020-29228 | 1 Egavilanmedia | 1 User Registration And Login System With Admin Panel | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
EGavilanMedia User Registration and Login System With Admin Panel 1.0 is affected by SQL injection in the User Login Page. | |||||
CVE-2020-29214 | 1 Alumni Management System Project | 1 Alumni Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
SQL injection vulnerability in SourceCodester Alumni Management System 1.0 allows the user to inject SQL payload to bypass the authentication via admin/login.php. | |||||
CVE-2020-29163 | 1 Rainbowfishsoftware | 1 Pacsone Server | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by SQL injection. | |||||
CVE-2020-29147 | 1 Wayang-cms Project | 1 Wayang-cms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
A SQL injection vulnerability in wy_controlls/wy_side_visitor.php of Wayang-CMS v1.0 allows attackers to obtain sensitive database information. | |||||
CVE-2020-29143 | 1 Open-emr | 1 Openemr | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
A SQL injection vulnerability in interface/reports/non_reported.php in OpenEMR before 5.0.2.5 allows a remote authenticated attacker to execute arbitrary SQL commands via the form_code parameter. | |||||
CVE-2020-29142 | 1 Open-emr | 1 Openemr | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
A SQL injection vulnerability in interface/usergroup/usergroup_admin.php in OpenEMR before 5.0.2.5 allows a remote authenticated attacker to execute arbitrary SQL commands via the schedule_facility parameter when restrict_user_facility=on is in global settings. | |||||
CVE-2020-29140 | 1 Open-emr | 1 Openemr | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
A SQL injection vulnerability in interface/reports/immunization_report.php in OpenEMR before 5.0.2.5 allows a remote authenticated attacker to execute arbitrary SQL commands via the form_code parameter. | |||||
CVE-2020-29139 | 1 Open-emr | 1 Openemr | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
A SQL injection vulnerability in interface/main/finder/patient_select.php from library/patient.inc in OpenEMR before 5.0.2.5 allows a remote authenticated attacker to execute arbitrary SQL commands via the searchFields parameter. | |||||
CVE-2020-29015 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
A blind SQL injection in the user interface of FortiWeb 6.3.0 through 6.3.7 and versions before 6.2.4 may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization header containing a malicious SQL statement. | |||||
CVE-2020-29011 | 1 Fortinet | 1 Fortisandbox | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
Instances of SQL Injection vulnerabilities in the checksum search and MTA-quarantine modules of FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated attacker to execute unauthorized code on the underlying SQL interpreter via specifically crafted HTTP requests. | |||||
CVE-2020-28994 | 1 Karenderia Multiple Restaurant System Project | 1 Karenderia Multiple Restaurant System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
A SQL injection vulnerability was discovered in Karenderia Multiple Restaurant System, affecting versions 5.4.2 and below. The vulnerability allows for an unauthenticated attacker to perform various tasks such as modifying and leaking all contents of the database. | |||||
CVE-2020-28960 | 1 Cct95 | 1 Chichen Tech Cms | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
Chichen Tech CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the file product_list.php via the id and cid parameters. | |||||
CVE-2020-28860 | 1 Openasset | 1 Digital Asset Management | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly sanitize user-supplied input, incorporating it into its SQL queries, allowing for authenticated blind SQL injection. |