Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34933
A SQL injection vulnerability in /model/update_grade.php in Campcodes Complete Web-Based School Management System 1.0 allows an malicious user to execute arbitrary SQL commands via the admission_fee parameter.
NA
CVE-2024-34934
A SQL injection vulnerability in /view/emarks_range_grade_update_form.php in Campcodes Complete Web-Based School Management System 1.0 allows an malicious user to execute arbitrary SQL commands via the conversation_id parameter.
NA
CVE-2024-34936
A SQL injection vulnerability in /view/event1.php in Campcodes Complete Web-Based School Management System 1.0 allows an malicious user to execute arbitrary SQL commands via the month parameter.
NA
CVE-2024-35084
J2EEFAST v2.7.0 exists to contain a SQL injection vulnerability via the findPage function in SysMsgPushMapper.xml.
NA
CVE-2024-34932
A SQL injection vulnerability in /model/update_exam.php in Campcodes Complete Web-Based School Management System 1.0 allows an malicious user to execute arbitrary SQL commands via the name parameter.
NA
CVE-2024-35082
J2EEFAST v2.7.0 exists to contain a SQL injection vulnerability via the findPage function in SysOperLogMapper.xml.
NA
CVE-2024-35083
J2EEFAST v2.7.0 exists to contain a SQL injection vulnerability via the findPage function in SysLoginInfoMapper.xml.
8.8
CVSSv3
CVE-2024-4779
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to SQL Injection via the ‘data[post_ids][0]’ parameter in all versions up to, and including, 1.5.107 due to insufficient escaping on the user supplied parameter a...
NA
CVE-2024-5240
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /view/unread_msg.php. The manipulation of the argument my_index leads to sql injection. The attack may be init...
NA
CVE-2024-5237
A vulnerability, which was classified as critical, has been found in Campcodes Complete Web-Based School Management System 1.0. Affected by this issue is some unknown functionality of the file /view/timetable_grade_wise.php. The manipulation of the argument grade leads to sql inj...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »