Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-30990
SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows malicious user to execute arbitrary SQL commands via "searchdata" parameter.
NA
CVE-2024-30982
SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows malicious users to run arbitrary SQL commands via the upid parameter in the /view-user-detail.php file.
NA
CVE-2024-30985
SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows malicious user to execute arbitrary SQL commands via "todate" and "fromdate" parameters.
NA
CVE-2024-30980
SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows malicious users to run arbitrary SQL commands via the Computer Location parameter in manage-computer.php page.
NA
CVE-2024-30981
SQL Injection vulnerability in /edit-computer-detail.php in phpgurukul Cyber Cafe Management System Using PHP & MySQL v1.0 allows malicious users to run arbitrary SQL commands via editid in the application URL.
NA
CVE-2024-30983
SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows malicious users to run arbitrary SQL commands via the compname parameter in /edit-computer-detail.php file.
NA
CVE-2022-47151
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a up to and in...
NA
CVE-2024-3067
The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 2.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL ...
NA
CVE-2024-1601
An SQL injection vulnerability exists in the `delete_discussion()` function of the parisneo/lollms-webui application, allowing an malicious user to delete all discussions and message data. The vulnerability is exploitable via a crafted HTTP POST request to the `/delete_discussion...
NA
CVE-2023-45503
SQL Injection vulnerability in Macrob7 Macs CMS 1.1.4f, allows remote malicious users to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via crafted payload to resetPassword, forgotPasswordProcess, saveUser, saveRole,...
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »