ReportizFlow
Filtered by vendor
Subscriptions
Total
16470 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-33666 | 1 Ai-dev | 1 Aioptimizedcombinations | 2024-11-21 | 9.8 Critical |
| ai-dev aioptimizedcombinations before v0.1.3 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php. | ||||
| CVE-2023-33665 | 1 Ai-dev | 1 Ai-table | 2024-11-21 | 9.8 Critical |
| ai-dev aitable before v0.2.2 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php. | ||||
| CVE-2023-33664 | 1 Ai-dev | 1 Declinaisons A La Volee | 2024-11-21 | 8.8 High |
| ai-dev aicombinationsonfly before v0.3.1 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php. | ||||
| CVE-2023-33663 | 1 Ai-dev | 1 Aicustomfee | 2024-11-21 | 9.8 Critical |
| In the module “Customization fields fee for your store” (aicustomfee) from ai-dev module for PrestaShop, an attacker can perform SQL injection up to 0.2.0. Release 0.2.1 fixed this security issue. | ||||
| CVE-2023-33584 | 1 Enrollment System Project | 1 Enrollment System | 2024-11-21 | 9.8 Critical |
| Sourcecodester Enrollment System Project V1.0 is vulnerable to SQL Injection (SQLI) attacks, which allow an attacker to manipulate the SQL queries executed by the application. The application fails to properly validate user-supplied input in the username and password fields during the login process, enabling an attacker to inject malicious SQL code. | ||||
| CVE-2023-33481 | 1 Remoteclinic | 1 Remote Clinic | 2024-11-21 | 9.8 Critical |
| RemoteClinic 2.0 is vulnerable to a time-based blind SQL injection attack in the 'start' GET parameter of patients/index.php. | ||||
| CVE-2023-33479 | 1 Remoteclinic | 1 Remote Clinic | 2024-11-21 | 9.8 Critical |
| RemoteClinic version 2.0 contains a SQL injection vulnerability in the /staff/edit.php file. | ||||
| CVE-2023-33478 | 1 Remoteclinic | 1 Remote Clinic | 2024-11-21 | 9.8 Critical |
| RemoteClinic 2.0 has a SQL injection vulnerability in the ID parameter of /medicines/stocks.php. | ||||
| CVE-2023-33367 | 1 Assaabloy | 1 Control Id Idsecure | 2024-11-21 | 9.8 Critical |
| A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing unauthenticated attackers to write PHP files on the server's root directory, resulting in remote code execution. | ||||
| CVE-2023-33366 | 1 Supremainc | 1 Biostar 2 | 2024-11-21 | 8.8 High |
| A SQL injection vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows authenticated users to inject arbitrary SQL directives into an SQL statement and execute arbitrary SQL commands. | ||||
| CVE-2023-33331 | 1 Woo | 1 Product Vendors | 2024-11-21 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce Product Vendors allows SQL Injection.This issue affects Product Vendors: from n/a through 2.1.76. | ||||
| CVE-2023-33330 | 1 Woocommerce | 1 Automatewoo | 2024-11-21 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.50. | ||||
| CVE-2023-33209 | 1 Crawlspider | 1 Seo Change Monitor | 2024-11-21 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CrawlSpider SEO Change Monitor – Track Website Changes.This issue affects SEO Change Monitor – Track Website Changes: from n/a through 1.2. | ||||
| CVE-2023-32743 | 1 Woocommerce | 1 Automatewoo | 2024-11-21 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 5.7.1. | ||||
| CVE-2023-32590 | 1 Subscribe To Category Project | 1 Subscribe To Category | 2024-11-21 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category.This issue affects Subscribe to Category: from n/a through 2.7.4. | ||||
| CVE-2023-32508 | 1 Cagewebdev | 1 Order Your Posts Manually | 2024-11-21 | 7.2 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolf van Gelder Order Your Posts Manually allows SQL Injection.This issue affects Order Your Posts Manually: from n/a through 2.2.5. | ||||
| CVE-2023-32128 | 1 Adastracrypto | 1 Cryptocurrency Payment \& Donation Box | 2024-11-21 | 5.5 Medium |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adastra Crypto Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free.This issue affects Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free: from n/a through 2.2.7. | ||||
| CVE-2023-31945 | 1 Online Travel Agency System Project | 1 Online Travel Agency System | 2024-11-21 | 7.2 High |
| SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the id parameter at daily_expenditure_edit.php. | ||||
| CVE-2023-31944 | 1 Online Travel Agency System Project | 1 Online Travel Agency System | 2024-11-21 | 7.2 High |
| SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the emp_id parameter at employee_edit.php. | ||||
| CVE-2023-31943 | 1 Online Travel Agency System Project | 1 Online Travel Agency System | 2024-11-21 | 7.2 High |
| SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the ticket_id parameter at ticket_detail.php. | ||||