Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-30981
SQL Injection vulnerability in /edit-computer-detail.php in phpgurukul Cyber Cafe Management System Using PHP & MySQL v1.0 allows malicious users to run arbitrary SQL commands via editid in the application URL.
NA
CVE-2024-30983
SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows malicious users to run arbitrary SQL commands via the compname parameter in /edit-computer-detail.php file.
NA
CVE-2022-47151
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a up to and in...
NA
CVE-2024-3067
The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 2.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL ...
NA
CVE-2024-1601
An SQL injection vulnerability exists in the `delete_discussion()` function of the parisneo/lollms-webui application, allowing an malicious user to delete all discussions and message data. The vulnerability is exploitable via a crafted HTTP POST request to the `/delete_discussion...
NA
CVE-2023-45503
SQL Injection vulnerability in Macrob7 Macs CMS 1.1.4f, allows remote malicious users to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via crafted payload to resetPassword, forgotPasswordProcess, saveUser, saveRole,...
1 Github repository
NA
CVE-2024-28556
SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote malicious users to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to admin-manage-user.php.
NA
CVE-2024-28557
SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote malicious users to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to update-admin.php.
NA
CVE-2024-28558
SQL Injection vulnerability in sourcecodester Petrol pump management software v1.0, allows remote malicious users to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to admin/app/web_crud.php.
NA
CVE-2024-3797
A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-bookmark.php?bookmark=1. The manipulation of the argument bookmark leads to sql injection. The attack ca...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »