| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/editcategory.php. |
| Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/edituser.php. |
| SourceCodester Best Student Result Management System 1.0 is vulnerable to SQL Injection. |
| hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MedData HBYS allows SQL Injection.This issue affects HBYS: from unspecified before 1.1.
|
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MedData HBYS allows SQL Injection.This issue affects HBYS: from unspecified before 1.1.
|
| Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via sales-report-ds.php file. |
| A limited SQL injection risk was identified in the "browse list of users" site administration page. |
| Open Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/ajax.php?action=delete_plan. |
| Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via bwdate-report-ds.php file. |
| A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution. |
| An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, classCode. |
| A vulnerability, which was classified as critical, was found in PHPGurukul/Campcodes Online Shopping Portal 2.1. This affects an unknown part of the file /search-result.php. The manipulation of the argument Product leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenText Advanced Authentication. This issue affects Advanced Authentication versions before 6.5 |
| Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/admin/?page=user/manage_user&id=. |
| Open Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/ajax.php?action=delete_borrower. |
| Online Pet Shop We App v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=orders/view_order. |
| Online Pet Shop We App v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=orders/view_order. |
| The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks |
| The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admin users to perform SQL injection attacks |
