Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
database vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-45334
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'status' parameter of the routers/edit-orders.php resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Food Ordering System 1.0
9.8
CVSSv3
CVE-2023-45341
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The '*_price' parameter of the routers/menu-router.php resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Food Ordering System 1.0
9.8
CVSSv3
CVE-2023-45012
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'user_email' parameter of the bus_info.php resource does not validate the characters received and they are sent unfiltered to the database.
Online Bus Booking System Project Online Bus Booking System 1.0
9.8
CVSSv3
CVE-2023-45015
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'date' parameter of the bus_info.php resource does not validate the characters received and they are sent unfiltered to the database.
Online Bus Booking System Project Online Bus Booking System 1.0
9.8
CVSSv3
CVE-2023-45018
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the includes/login.php resource does not validate the characters received and they are sent unfiltered to the database.
Online Bus Booking System Project Online Bus Booking System 1.0
9.8
CVSSv3
CVE-2023-45019
Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'category' parameter of the category.php resource does not validate the characters received and they are sent unfiltered to the database.
Online Bus Booking System Project Online Bus Booking System 1.0
9.8
CVSSv3
CVE-2023-45111
Online Examination System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'email' parameter of the feed.php resource does not validate the characters received and they are sent unfiltered to the database.
Online Examination System Project Online Examination System 1.0
9.8
CVSSv3
CVE-2023-46482
SQL injection vulnerability in wuzhicms v.4.1.0 allows a remote malicious user to execute arbitrary code via the Database Backup Functionality in the coreframe/app/database/admin/index.php component.
Wuzhicms Wuzhicms 4.1.0
9.8
CVSSv3
CVE-2023-31212
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks Database for Contact Form 7, WPforms, Elementor forms contact-form-entries allows SQL Injection.This issue affects Database for Contact Form 7, WPforms, Eleme...
Crmperks Database For Contact Form 7\\, Wpforms\\, Elementor Forms
9.8
CVSSv3
CVE-2023-36508
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BestWebSoft Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress contact-form-to-db allows SQL Injection.This issue affects Contact Form to ...
Bestwebsoft Contact Form To Db
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »