Total: 16030 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2025-4786 | 1 Oretnom23 | 1 Stock Management System | 2025-05-23 | 6.5 MEDIUM | 6.3 MEDIUM |
A vulnerability was found in SourceCodester/oretnom23 Stock Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/?page=return/view_return. The manipulation of the argument ID leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
CVE-2025-4787 | 1 Oretnom23 | 1 Stock Management System | 2025-05-23 | 6.5 MEDIUM | 6.3 MEDIUM |
A vulnerability classified as critical has been found in SourceCodester/oretnom23 Stock Management System 1.0. Affected is an unknown function of the file /admin/?page=sales/view_sale. The manipulation of the argument ID leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
CVE-2025-4782 | 1 Oretnom23 | 1 Stock Management System | 2025-05-23 | 6.5 MEDIUM | 6.3 MEDIUM |
A vulnerability has been found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /sms/admin/?page=receiving/view_receiving&id=1. The manipulation of the argument ID leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
CVE-2022-40093 | 1 Online Tours And Travels Management System Project | 1 Online Tours And Travels Management System | 2025-05-22 | N/A | 7.2 HIGH |
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_tax.php. | |||||
CVE-2022-40092 | 1 Online Tours And Travels Management System Project | 1 Online Tours And Travels Management System | 2025-05-22 | N/A | 7.2 HIGH |
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_payment.php. | |||||
CVE-2022-40091 | 1 Online Tours And Travels Management System Project | 1 Online Tours And Travels Management System | 2025-05-22 | N/A | 7.2 HIGH |
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_packages.php. | |||||
CVE-2021-24786 | 1 Wpchill | 1 Download Monitor | 2025-05-22 | 6.5 MEDIUM | 7.2 HIGH |
The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the "orderby" GET parameter before using it in a SQL statement when viewing the logs, leading to an SQL injection issue. | |||||
CVE-2024-12735 | 1 Niceit | 1 Advance Post Prefix | 2025-05-22 | N/A | 7.2 HIGH |
The Advance Post Prefix WordPress plugin through 1.1.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins and above to perform SQL injection attacks. | |||||
CVE-2025-46188 | 1 Lerouxyxchire | 1 Client Database Management System | 2025-05-22 | N/A | 9.8 CRITICAL |
SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in superadmin_phpmyadmin.php. | |||||
CVE-2025-46189 | 1 Lerouxyxchire | 1 Client Database Management System | 2025-05-22 | N/A | 9.8 CRITICAL |
SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_order_customer_update.php via the order_id POST parameter. | |||||
CVE-2025-46190 | 1 Lerouxyxchire | 1 Client Database Management System | 2025-05-22 | N/A | 9.8 CRITICAL |
SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_delivery_update.php via the order_id POST parameter. | |||||
CVE-2025-46192 | 1 Lerouxyxchire | 1 Client Database Management System | 2025-05-22 | N/A | 9.8 CRITICAL |
SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_payment_update.php via the order_id POST parameter. | |||||
CVE-2020-26630 | 1 Phpgurukul | 1 Hospital Management System | 2025-05-22 | N/A | 4.9 MEDIUM |
A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which can allow an attacker to dump database information via a special payload in the 'Doctor Specialization' field under the 'Go to Doctors' tab after logging in as an admin. | |||||
CVE-2022-40122 | 1 Online Banking System Project | 1 Online Banking System | 2025-05-22 | N/A | 9.8 CRITICAL |
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/edit_customer_action.php. | |||||
CVE-2022-40121 | 1 Online Banking System Project | 1 Online Banking System | 2025-05-22 | N/A | 9.8 CRITICAL |
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search parameter at /net-banking/manage_customers.php. | |||||
CVE-2022-40120 | 1 Online Banking System Project | 1 Online Banking System | 2025-05-22 | N/A | 9.8 CRITICAL |
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search_term parameter at /net-banking/customer_transactions.php. | |||||
CVE-2022-40119 | 1 Online Banking System Project | 1 Online Banking System | 2025-05-22 | N/A | 9.8 CRITICAL |
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search_term parameter at /net-banking/transactions.php. | |||||
CVE-2022-40118 | 1 Online Banking System Project | 1 Online Banking System | 2025-05-22 | N/A | 9.8 CRITICAL |
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/send_funds_action.php. | |||||
CVE-2022-40117 | 1 Online Banking System Project | 1 Online Banking System | 2025-05-22 | N/A | 9.8 CRITICAL |
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/delete_customer.php. | |||||
CVE-2022-40113 | 1 Online Banking System Project | 1 Online Banking System | 2025-05-22 | N/A | 9.8 CRITICAL |
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/send_funds.php. |