Search Results (37315 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-27203 1 Best Pos Management System Project 1 Best Pos Management System 2025-03-05 9.8 Critical
Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /billing/home.php.
CVE-2023-27202 1 Best Pos Management System Project 1 Best Pos Management System 2025-03-05 9.8 Critical
Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /kruxton/receipt.php.
CVE-2022-47471 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-03-05 5.5 Medium
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
CVE-2022-47461 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-03-05 6.7 Medium
In telephone service, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges needed.
CVE-2022-47462 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-03-05 6.7 Medium
In telephone service, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges needed.
CVE-2022-47472 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-03-05 5.5 Medium
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
CVE-2022-47473 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-03-05 5.5 Medium
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
CVE-2022-47484 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-03-05 5.5 Medium
In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed.
CVE-2022-25694 1 Qualcomm 416 Apq8009, Apq8009 Firmware, Apq8009w and 413 more 2025-03-05 8.4 High
Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM
CVE-2022-25709 1 Qualcomm 136 Ar8035, Ar8035 Firmware, Qca6174a and 133 more 2025-03-05 8.4 High
Memory corruption in modem due to use of out of range pointer offset while processing qmi msg
CVE-2021-23807 1 Janl 1 Jsonpointer 2025-03-05 5.6 Medium
This affects the package jsonpointer before 5.0.0. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays.
CVE-2023-25223 1 Crmeb 1 Crmeb Java 2025-03-05 7.2 High
CRMEB <=1.3.4 is vulnerable to SQL Injection via /api/admin/user/list.
CVE-2025-1894 1 Phpgurukul 1 Restaurant Table Booking System 2025-03-05 7.3 High
A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search-result.php. The manipulation of the argument searchdata leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2023-24775 1 Funadmin 1 Funadmin 2025-03-05 9.8 Critical
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php.
CVE-2025-27146 1 Matrix 1 Matrix Irc Bridge 2025-03-04 2.7 Low
matrix-appservice-irc is a Node.js IRC bridge for Matrix. The matrix-appservice-irc bridge up to version 3.0.3 contains a vulnerability which can lead to arbitrary IRC command execution as the puppeted user. The attacker can only inject commands executed as their own IRC user. The vulnerability has been patched in matrix-appservice-irc version 3.0.4.
CVE-2024-3697 1 Campcodes 1 House Rental Management System 2025-03-04 6.3 Medium
A vulnerability was found in Campcodes House Rental Management System 1.0. It has been classified as critical. Affected is an unknown function of the file manage_tenant.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260484.
CVE-2024-3698 1 Campcodes 1 House Rental Management System 2025-03-04 6.3 Medium
A vulnerability was found in Campcodes House Rental Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file manage_payment.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260485 was assigned to this vulnerability.
CVE-2024-3696 1 Campcodes 1 House Rental Management System 2025-03-04 6.3 Medium
A vulnerability was found in Campcodes House Rental Management System 1.0 and classified as critical. This issue affects some unknown processing of the file view_payment.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-260483.
CVE-2023-7100 1 Phpgurukul 1 Restaurant Table Booking System 2025-03-04 6.3 Medium
A vulnerability, which was classified as critical, was found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file /admin/bwdates-report-details.php. The manipulation of the argument fdate/tdate leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2023-3694 1 Sourcecodester House Rental And Property Listing Project 1 House Rental And Property Listing 2025-03-04 6.3 Medium
A vulnerability, which was classified as critical, has been found in SourceCodester/projectworlds House Rental and Property Listing 1.0. This issue affects some unknown processing of the file /index.php. The manipulation of the argument keywords/location leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.