Vulmon
sql injection vulnerabilities and exploits
9.8
CVSSv3
CVE-2024-24141
Sourcecodester School Task Manager App 1.0 allows SQL Injection via the 'task' parameter.
Remyandrade School Task Manager 1.0
2 Github repositories
9.8
CVSSv3
CVE-2024-1009
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Admin/login.php. The manipulation of the argument txtusername leads to sql injection. The attack may be lau...
Employee Management System Project Employee Management System 1.0
9.8
CVSSv3
CVE-2024-0941
A vulnerability was found in Novel-Plus 4.3.0-RC1 and classified as critical. This issue affects some unknown processing of the file /novel/bookComment/list. The manipulation of the argument sort leads to sql injection. The exploit has been disclosed to the public and may be used...
Xxyopen Novel-plus 4.3.0
9.8
CVSSv3
CVE-2024-0938
A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.9. This affects an unknown part of the file /general/email/inbox/delete_webmail.php. The manipulation of the argument WEBBODY_ID_STR leads to sql injection. The exploit has been disclosed to t...
Tongda2000 Office Anywhere 2017
9.8
CVSSv3
CVE-2024-0890
A vulnerability was found in hongmaple octopus 1.0. It has been classified as critical. Affected is an unknown function of the file /system/dept/edit. The manipulation of the argument ancestors leads to sql injection. It is possible to launch the attack remotely. The exploit has ...
Hongmaple Octopus 1.0
9.8
CVSSv3
CVE-2024-0884
A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. This issue affects the function exec of the file payment.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remot...
Mayurik Online Tours & Travels Management System 1.0
9.8
CVSSv3
CVE-2024-0883
A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been declared as critical. This vulnerability affects the function prepare of the file admin/pay.php. The manipulation of the argument id leads to sql injection. The attack can be...
Mayurik Online Tours & Travels Management System 1.0
9.8
CVSSv3
CVE-2023-51210
SQL injection vulnerability in Webkul Bundle Product 6.0.1 allows a remote malicious user to execute arbitrary code via the id_product parameters in the UpdateProductQuantity function.
Webkul Bundle Product 6.0.1
9.8
CVSSv3
CVE-2023-48118
SQL Injection vulnerability in Quest Analytics LLC IQCRM v.2023.9.5 allows a remote malicious user to execute arbitrary code via a crafted request to the Common.svc WSDL page.
Quest-analytics Iqcrm 2023.9.5
1 Github repository
9.8
CVSSv3
CVE-2024-0784
A vulnerability was found in hongmaple octopus 1.0. It has been classified as critical. Affected is an unknown function of the file /system/role/list. The manipulation of the argument dataScope leads to sql injection. It is possible to launch the attack remotely. The exploit has ...
Hongmaple Octopus 1.0