Total
12999 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-25315 | 1 Hotel Management System Project | 1 Hotel Management System | 2024-08-01 | 9.8 Critical |
| Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'rid' parameter in Hotel/admin/roombook.php?rid=2. | ||||
| CVE-2024-25312 | 1 Code-projects | 1 Simple School Management System | 2024-08-01 | 8.8 High |
| Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/sub_delete.php?id=5." | ||||
| CVE-2024-25307 | 1 Code-projects | 1 Cinema Seat Reservation System | 2024-08-01 | 9.8 Critical |
| Code-projects Cinema Seat Reservation System 1.0 allows SQL Injection via the 'id' parameter at "/Cinema-Reservation/booking.php?id=1." | ||||
| CVE-2024-25310 | 1 Code-projects | 1 Simple School Management System | 2024-08-01 | 8.8 High |
| Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/delete.php?id=5." | ||||
| CVE-2024-25314 | 1 Hotel Management System Project | 1 Hotel Management System | 2024-08-01 | 9.8 Critical |
| Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'sid' parameter in Hotel/admin/show.php?sid=2. | ||||
| CVE-2024-25304 | 1 Code-projects | 1 Simple School Management System | 2024-08-01 | 8.8 High |
| Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'apass' parameter at "School/index.php." | ||||
| CVE-2024-25305 | 1 Code-projects | 1 Simple School Management System | 2024-08-01 | 8.8 High |
| Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/index.php. | ||||
| CVE-2024-25302 | 1 Remyandrade | 1 Event Student Attendance System | 2024-08-01 | 9.8 Critical |
| Sourcecodester Event Student Attendance System 1.0, allows SQL Injection via the 'student' parameter. | ||||
| CVE-2024-25309 | 1 Code-projects | 1 Simple School Management System | 2024-08-01 | 8.8 High |
| Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'pass' parameter at School/teacher_login.php. | ||||
| CVE-2024-25213 | 1 Sherlock | 1 Employee Management System | 2024-08-01 | 7.2 High |
| Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /edit.php. | ||||
| CVE-2024-25220 | 1 Task Manager In Php With Source Code Project | 1 Task Manager In Php With Source Code | 2024-08-01 | 9.8 Critical |
| Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the taskID parameter at /TaskManager/EditTask.php. | ||||
| CVE-2024-25216 | 1 Sherlock | 1 Employee Management System | 2024-08-01 | 9.8 Critical |
| Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the mailud parameter at /aprocess.php. | ||||
| CVE-2024-25168 | 2024-08-01 | 6.3 Medium | ||
| SQL injection vulnerability in snow snow v.2.0.0 allows a remote attacker to execute arbitrary code via the dataScope parameter of the system/role/list interface. | ||||
| CVE-2024-25215 | 1 Sherlock | 1 Employee Management System | 2024-08-01 | 9.8 Critical |
| Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the pwd parameter at /aprocess.php. | ||||
| CVE-2024-24811 | 1 Zope | 1 Sqlalchemyda | 2024-08-01 | 9.8 Critical |
| SQLAlchemyDA is a generic database adapter for ZSQL methods. A vulnerability found in versions prior to 2.2 allows unauthenticated execution of arbitrary SQL statements on the database to which the SQLAlchemyDA instance is connected. All users are affected. The problem has been patched in version 2.2. There is no workaround for the problem. | ||||
| CVE-2024-24495 | 1 Remyandrade | 1 Daily Habit Tracker | 2024-08-01 | 9.8 Critical |
| SQL Injection vulnerability in delete-tracker.php in Daily Habit Tracker v.1.0 allows a remote attacker to execute arbitrary code via crafted GET request. | ||||
| CVE-2024-24140 | 1 Remyandrade | 1 Daily Habit Tracker | 2024-08-01 | 7.2 High |
| Sourcecodester Daily Habit Tracker App 1.0 allows SQL Injection via the parameter 'tracker.' | ||||
| CVE-2024-24015 | 1 Xxyopen | 1 Novel-plus | 2024-08-01 | 9.8 Critical |
| A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass in crafted offset, limit, and sort parameters to perform SQL via /sys/user/exit | ||||
| CVE-2024-24112 | 1 Exrick | 1 Xmall | 2024-08-01 | 9.8 Critical |
| xmall v1.1 was discovered to contain a SQL injection vulnerability via the orderDir parameter. | ||||
| CVE-2024-24021 | 1 Xxyopen | 1 Novel-plus | 2024-08-01 | 9.8 Critical |
| A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. An attacker can pass specially crafted offset, limit, and sort parameters to perform SQL injection via /novel/userFeedback/list. | ||||