Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-30938
SQL Injection vulnerability in SEMCMS v.4.8 allows a remote malicious user to obtain sensitive information via the ID parameter in the SEMCMS_User.php component.
NA
CVE-2024-30928
SQL Injection vulnerability in DerbyNet v9.0 and below allows malicious users to execute arbitrary SQL commands via 'classids' Parameter in ajax/query.slide.next.inc
NA
CVE-2024-30923
SQL Injection vulnerability in DerbyNet v9.0 and below allows a remote malicious user to execute arbitrary code via the where Clause in Racer Document Rendering
NA
CVE-2024-30922
SQL Injection vulnerability in DerbyNet v9.0 allows a remote malicious user to execute arbitrary code via the where Clause in Award Document Rendering.
NA
CVE-2024-32602
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingual & Multicurrency: from n/a up to and including 5.3.3.1.
NA
CVE-2024-32551
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager : from n/a up to and including 4.71.
NA
CVE-2024-30990
SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows malicious user to execute arbitrary SQL commands via "searchdata" parameter.
NA
CVE-2024-30982
SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows malicious users to run arbitrary SQL commands via the upid parameter in the /view-user-detail.php file.
NA
CVE-2024-30985
SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows malicious user to execute arbitrary SQL commands via "todate" and "fromdate" parameters.
NA
CVE-2024-30983
SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows malicious users to run arbitrary SQL commands via the compname parameter in /edit-computer-detail.php file.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987
buffer overflow
CVE-2024-28890
CVE-2024-27574
CVE-2024-27347
CVE-2024-31450
privilege
SSTI
CVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »