ReportizFlow
Filtered by vendor
Subscriptions
Total
16423 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-44581 | 1 Kreado | 1 Kreasfero | 2024-11-21 | 7.5 High |
| An SQL Injection vulnerabilty exists in Kreado Kreasfero 1.5 via the id parameter. | ||||
| CVE-2021-44567 | 1 Rosariosis | 1 Rosariosis | 2024-11-21 | 9.8 Critical |
| An unauthenticated SQL Injection vulnerability exists in RosarioSIS before 7.6.1 via the votes parameter in ProgramFunctions/PortalPollsNotes.fnc.php. | ||||
| CVE-2021-44427 | 1 Rosariosis | 1 Rosariosis | 2024-11-21 | 9.8 Critical |
| An unauthenticated SQL Injection vulnerability in Rosario Student Information System (aka rosariosis) before 8.1.1 allows remote attackers to execute PostgreSQL statements (e.g., SELECT, INSERT, UPDATE, and DELETE) through /Side.php via the syear parameter. | ||||
| CVE-2021-44350 | 1 Thinkphp | 1 Thinkphp | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability exists in ThinkPHP5 5.0.x <=5.1.22 via the parseOrder function in Builder.php. | ||||
| CVE-2021-44349 | 1 Yejiao | 1 Tuzicms | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameter in App\Manage\Controller\DownloadController.class.php. | ||||
| CVE-2021-44348 | 1 Yejiao | 1 Tuzicms | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameer in App\Manage\Controller\AdvertController.class.php. | ||||
| CVE-2021-44347 | 1 Yejiao | 1 Tuzicms | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability exists in TuziCMS v2.0.6 in App\Manage\Controller\GuestbookController.class.php. | ||||
| CVE-2021-44345 | 1 Wvti | 1 One Card Integrated Management System | 2024-11-21 | 7.5 High |
| Beijing Wisdom Vision Technology Industry Co., Ltd One Card Integrated Management System 3.0 is vulnerable to SQL Injection. | ||||
| CVE-2021-44302 | 1 Baicloud-cms Project | 1 Baicloud-cms | 2024-11-21 | 8.8 High |
| BaiCloud-cms v2.5.7 was discovered to contain multiple SQL injection vulnerabilities via the tongji and baidu_map parameters in /user/ztconfig.php. | ||||
| CVE-2021-44280 | 1 Attendance Management System Project | 1 Attendance Management System | 2024-11-21 | 9.8 Critical |
| attendance management system 1.0 is affected by a SQL injection vulnerability in admin/incFunctions.php through the makeSafe function. | ||||
| CVE-2021-44249 | 1 Online Motorcycle \(bike\) Rental System Project | 1 Online Motorcycle \(bike\) Rental System | 2024-11-21 | 9.8 Critical |
| Online Motorcycle (Bike) Rental System 1.0 is vulnerable to a Blind Time-Based SQL Injection attack within the login portal. This can lead attackers to remotely dump MySQL database credentials. | ||||
| CVE-2021-44245 | 1 Covid 19 Testing Management System Project | 1 Covid 19 Testing Management System | 2024-11-21 | 9.8 Critical |
| An SQL Injection vulnerability exists in Courcecodester COVID 19 Testing Management System (CTMS) 1.0 via the (1) username and (2) contactno parameters. | ||||
| CVE-2021-44244 | 1 Sourcecodester Logistic Hub Parcel\'s Management System Project | 1 Sourcecodester Logistic Hub Parcel\'s Management System | 2024-11-21 | 9.8 Critical |
| An SQL Injection vulnerabiity exists in Sourcecodester Logistic Hub Parcel's Management System 1.0 via the username parameter in login.php. | ||||
| CVE-2021-44161 | 1 Changingtec | 1 Motp | 2024-11-21 | 8.8 High |
| Changing MOTP (Mobile One Time Password) system’s specific function parameter has insufficient validation for user input. A attacker in local area network can perform SQL injection attack to read, modify or delete backend database without authentication. | ||||
| CVE-2021-44135 | 1 Pagekit | 1 Pagekit | 2024-11-21 | 9.8 Critical |
| pagekit all versions, as of 15-10-2021, is vulnerable to SQL Injection via Comment listing. | ||||
| CVE-2021-44098 | 1 Egavilanmedia | 1 Expense Management System | 2024-11-21 | 9.8 Critical |
| EGavilan Media Expense-Management-System 1.0 is vulnerable to SQL Injection via /expense_action.php. This allows a remote attacker to compromise Application SQL database. | ||||
| CVE-2021-44097 | 1 Contact-form-with-messages-entry-management Project | 1 Contact-form-with-messages-entry-management | 2024-11-21 | 9.8 Critical |
| EGavilan Media Contact-Form-With-Messages-Entry-Management 1.0 is vulnerable to SQL Injection via Addmessage.php. This allows a remote attacker to compromise Application SQL database. | ||||
| CVE-2021-44096 | 1 Egavilanmedia | 1 User Registration And Login System With Admin Panel | 2024-11-21 | 9.8 Critical |
| EGavilan Media User-Registration-and-Login-System-With-Admin-Panel 1.0 is vulnerable to SQL Injection via profile_action - update_user. This allows a remote attacker to compromise Application SQL database. | ||||
| CVE-2021-44095 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 9.8 Critical |
| A SQL injection vulnerability exists in ProjectWorlds Hospital Management System in php 1.0 on login page that allows a remote attacker to compromise Application SQL database. | ||||
| CVE-2021-44090 | 1 Sourcecodester Online Reviewer System Project | 1 Sourcecodester Online Reviewer System | 2024-11-21 | 9.8 Critical |
| An SQL Injection vulnerability exists in Sourcecodester Online Reviewer System 1.0 via the password parameter. | ||||