Export limit exceeded: 17936 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (17936 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-14643 | 2 Code-projects, Fabian | 2 Simple Attendance Record System, Simple Attendance Record System | 2025-12-18 | 7.3 High |
| A vulnerability was found in code-projects Simple Attendance Record System 2.0. The affected element is an unknown function of the file /check.php. Performing manipulation of the argument student results in sql injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used. | ||||
| CVE-2025-14644 | 2 Angeljudesuarez, Itsourcecode | 2 Student Management System, Student Management System | 2025-12-18 | 7.3 High |
| A vulnerability was determined in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /update_subject.php. Executing manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2025-14780 | 1 Xiongwei Technology | 1 Smart Catering Cloud Platform | 2025-12-17 | 6.3 Medium |
| A vulnerability was detected in Xiongwei Smart Catering Cloud Platform 2.1.6446.28761. The affected element is an unknown function of the file /dishtrade/dish_trade_detail_get. The manipulation of the argument filter results in sql injection. The attack can be executed remotely. The exploit is now public and may be used. | ||||
| CVE-2025-67751 | 1 Churchcrm | 1 Churchcrm | 2025-12-17 | 7.2 High |
| ChurchCRM is an open-source church management system. Prior to version 6.5.0, a SQL injection vulnerability exists in the `EventEditor.php` file. When creating a new event and selecting an event type, the `EN_tyid` POST parameter is not sanitized. This allows an authenticated user with event management permissions (`isAddEvent`) to execute arbitrary SQL queries. Version 6.5.0 fixes the issue. | ||||
| CVE-2025-14337 | 2 Angeljudesuarez, Itsourcecode | 2 Student Management System, Student Management System | 2025-12-16 | 7.3 High |
| A vulnerability was determined in itsourcecode Student Management System 1.0. This affects an unknown part of the file /new_grade.php. This manipulation of the argument grade causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2025-14334 | 2 Angeljudesuarez, Itsourcecode | 2 Student Management System, Student Management System | 2025-12-16 | 7.3 High |
| A flaw has been found in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /new_adviser.php. Executing manipulation of the argument Name can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. | ||||
| CVE-2025-14661 | 2 Angeljudesuarez, Itsourcecode | 2 Student Management System, Student Management System | 2025-12-16 | 7.3 High |
| A vulnerability has been found in itsourcecode Student Managemen System 1.0. Affected by this issue is some unknown functionality of the file /advisers.php. Such manipulation of the argument sy leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-14653 | 2 Angeljudesuarez, Itsourcecode | 2 Student Management System, Student Management System | 2025-12-16 | 7.3 High |
| A vulnerability was determined in itsourcecode Student Management System 1.0. Impacted is an unknown function of the file /addrecord.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2025-14646 | 2 Code-projects, Fabian | 2 Student Management System, Student File Management System | 2025-12-16 | 7.3 High |
| A security flaw has been discovered in code-projects Student File Management System 1.0. This impacts an unknown function of the file /admin/delete_student.php. The manipulation of the argument stud_id results in sql injection. The attack may be performed from remote. The exploit has been released to the public and may be exploited. | ||||
| CVE-2025-14645 | 2 Code-projects, Fabian | 2 Student Management System, Student File Management System | 2025-12-16 | 7.3 High |
| A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown function of the file /admin/delete_user.php. The manipulation of the argument user_id leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. | ||||
| CVE-2025-14640 | 2 Code-projects, Fabian | 2 Student Management System, Student File Management System | 2025-12-16 | 7.3 High |
| A flaw has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /admin/save_student.php. Executing manipulation of the argument stud_no can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used. | ||||
| CVE-2025-14639 | 2 Angeljudesuarez, Itsourcecode | 2 Student Management System, Student Management System | 2025-12-16 | 7.3 High |
| A vulnerability was detected in itsourcecode Student Management System 1.0. Impacted is an unknown function of the file /uprec.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used. | ||||
| CVE-2025-14623 | 2 Code-projects, Fabian | 2 Student Management System, Student File Management System | 2025-12-16 | 7.3 High |
| A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/update_student.php. This manipulation of the argument stud_id causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited. | ||||
| CVE-2025-14619 | 2 Code-projects, Fabian | 2 Student Management System, Student File Management System | 2025-12-16 | 7.3 High |
| A vulnerability was found in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file login_query.php. Performing manipulation of the argument stud_no results in sql injection. The attack may be initiated remotely. The exploit has been made public and could be used. | ||||
| CVE-2021-41659 | 1 Oretnom23 | 1 Banking System | 2025-12-16 | 9.8 Critical |
| SQL injection vulnerability in Sourcecodester Banking System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username or password field. | ||||
| CVE-2022-36545 | 1 Hashenudara | 1 Edoc-doctor-appointment-system | 2025-12-16 | 9.8 Critical |
| Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/settings.php. | ||||
| CVE-2022-36544 | 1 Hashenudara | 1 Edoc-doctor-appointment-system | 2025-12-16 | 9.8 Critical |
| Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/booking.php. | ||||
| CVE-2022-36543 | 1 Hashenudara | 1 Edoc-doctor-appointment-system | 2025-12-16 | 9.8 Critical |
| Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/doctors.php. | ||||
| CVE-2025-14537 | 2 Code-projects, Fabian | 2 Class And Exam Timetable Management, Class And Exam Timetable Management System | 2025-12-16 | 7.3 High |
| A weakness has been identified in code-projects Class and Exam Timetable Management 1.0. Affected by this issue is some unknown functionality of the file /preview7.php. This manipulation of the argument course_year_section/semester causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. | ||||
| CVE-2025-14536 | 2 Code-projects, Fabian | 2 Class And Exam Timetable Management, Class And Exam Timetable Management System | 2025-12-16 | 7.3 High |
| A security flaw has been discovered in code-projects Class and Exam Timetable Management 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login. The manipulation of the argument username/password results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be exploited. | ||||