ReportizFlow
Filtered by vendor
Subscriptions
Total
18623 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-41440 | 1 Billing System Project Project | 1 Billing System Project | 2025-05-20 | 7.2 High |
| Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/editcategory.php. | ||||
| CVE-2022-41439 | 1 Billing System Project Project | 1 Billing System Project | 2025-05-20 | 7.2 High |
| Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/edituser.php. | ||||
| CVE-2022-40887 | 1 Best Student Result Management System Project | 1 Best Student Result Management System | 2025-05-20 | 9.8 Critical |
| SourceCodester Best Student Result Management System 1.0 is vulnerable to SQL Injection. | ||||
| CVE-2022-33880 | 1 Hospital Management System Mini-project Project | 1 Hospital Management System Mini-project | 2025-05-20 | 9.8 Critical |
| hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter. | ||||
| CVE-2021-43361 | 1 Meddata | 1 Hbys | 2025-05-20 | 9.9 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MedData HBYS allows SQL Injection.This issue affects HBYS: from unspecified before 1.1. | ||||
| CVE-2021-43362 | 1 Meddata | 1 Hbys | 2025-05-20 | 9.9 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MedData HBYS allows SQL Injection.This issue affects HBYS: from unspecified before 1.1. | ||||
| CVE-2022-40944 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2025-05-20 | 9.8 Critical |
| Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via sales-report-ds.php file. | ||||
| CVE-2022-40315 | 2 Fedoraproject, Moodle | 3 Extra Packages For Enterprise Linux, Fedora, Moodle | 2025-05-20 | 9.8 Critical |
| A limited SQL injection risk was identified in the "browse list of users" site administration page. | ||||
| CVE-2022-41532 | 1 Open Source Sacco Management System Project | 1 Open Source Sacco Management System | 2025-05-20 | 7.2 High |
| Open Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/ajax.php?action=delete_plan. | ||||
| CVE-2022-40943 | 1 Phpgurukul | 1 Dairy Farm Shop Management System | 2025-05-20 | 9.8 Critical |
| Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via bwdate-report-ds.php file. | ||||
| CVE-2022-36961 | 1 Solarwinds | 1 Orion Platform | 2025-05-20 | 8.8 High |
| A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution. | ||||
| CVE-2022-40872 | 1 Simple E-learning System Project | 1 Simple E-learning System | 2025-05-20 | 9.8 Critical |
| An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, classCode. | ||||
| CVE-2025-1578 | 1 Phpgurukul | 1 Online Shopping Portal | 2025-05-20 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in PHPGurukul/Campcodes Online Shopping Portal 2.1. This affects an unknown part of the file /search-result.php. The manipulation of the argument Product leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-10864 | 2025-05-20 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenText Advanced Authentication. This issue affects Advanced Authentication versions before 6.5 | ||||
| CVE-2022-42230 | 1 Simple Cold Storage Management System Project | 1 Simple Cold Storage Managment System | 2025-05-20 | 7.2 High |
| Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/admin/?page=user/manage_user&id=. | ||||
| CVE-2022-41530 | 1 Open Source Sacco Management System Project | 1 Open Source Sacco Management System | 2025-05-20 | 7.2 High |
| Open Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/ajax.php?action=delete_borrower. | ||||
| CVE-2022-41408 | 1 Online Pet Shop We App Project | 1 Online Pet Shop We App | 2025-05-20 | 9.8 Critical |
| Online Pet Shop We App v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=orders/view_order. | ||||
| CVE-2022-41407 | 1 Online Pet Shop We App Project | 1 Online Pet Shop We App | 2025-05-20 | 7.2 High |
| Online Pet Shop We App v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=orders/view_order. | ||||
| CVE-2024-5522 | 1 Bplugins | 1 Html5 Video Player | 2025-05-20 | 6.5 Medium |
| The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks | ||||
| CVE-2024-4533 | 1 Krzysztof-furtak | 1 Kkprogressbar2 | 2025-05-19 | 6.5 Medium |
| The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admin users to perform SQL injection attacks | ||||