Export limit exceeded: 25170 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 18834 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18834 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-33366 | 1 Supremainc | 1 Biostar 2 | 2024-11-21 | 8.8 High |
| A SQL injection vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows authenticated users to inject arbitrary SQL directives into an SQL statement and execute arbitrary SQL commands. | ||||
| CVE-2023-33331 | 1 Woo | 1 Product Vendors | 2024-11-21 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce Product Vendors allows SQL Injection.This issue affects Product Vendors: from n/a through 2.1.76. | ||||
| CVE-2023-33330 | 1 Woocommerce | 1 Automatewoo | 2024-11-21 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.50. | ||||
| CVE-2023-33209 | 1 Crawlspider | 1 Seo Change Monitor | 2024-11-21 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CrawlSpider SEO Change Monitor – Track Website Changes.This issue affects SEO Change Monitor – Track Website Changes: from n/a through 1.2. | ||||
| CVE-2023-32743 | 1 Woocommerce | 1 Automatewoo | 2024-11-21 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 5.7.1. | ||||
| CVE-2023-32590 | 1 Subscribe To Category Project | 1 Subscribe To Category | 2024-11-21 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category.This issue affects Subscribe to Category: from n/a through 2.7.4. | ||||
| CVE-2023-32128 | 1 Adastracrypto | 1 Cryptocurrency Payment \& Donation Box | 2024-11-21 | 5.5 Medium |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adastra Crypto Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free.This issue affects Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free: from n/a through 2.2.7. | ||||
| CVE-2023-31945 | 1 Online Travel Agency System Project | 1 Online Travel Agency System | 2024-11-21 | 7.2 High |
| SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the id parameter at daily_expenditure_edit.php. | ||||
| CVE-2023-31944 | 1 Online Travel Agency System Project | 1 Online Travel Agency System | 2024-11-21 | 7.2 High |
| SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the emp_id parameter at employee_edit.php. | ||||
| CVE-2023-31943 | 1 Online Travel Agency System Project | 1 Online Travel Agency System | 2024-11-21 | 7.2 High |
| SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the ticket_id parameter at ticket_detail.php. | ||||
| CVE-2023-31940 | 1 Online Travel Agency System Project | 1 Online Travel Agency System | 2024-11-21 | 7.2 High |
| SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the page_id parameter at article_edit.php. | ||||
| CVE-2023-31939 | 1 Online Travel Agency System Project | 1 Online Travel Agency System | 2024-11-21 | 7.2 High |
| SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the costomer_id parameter at customer_edit.php. | ||||
| CVE-2023-31938 | 1 Online Travel Agency System Project | 1 Online Travel Agency System | 2024-11-21 | 7.2 High |
| SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the emp_id parameter at employee_detail.php. | ||||
| CVE-2023-31937 | 1 Phpgurukul | 1 Rail Pass Management System | 2024-11-21 | 7.2 High |
| Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-cateogry-detail.php file. | ||||
| CVE-2023-31933 | 1 Phpgurukul | 1 Rail Pass Management System | 2024-11-21 | 7.2 High |
| Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the editid parameter of the edit-pass-detail.php file. | ||||
| CVE-2023-31932 | 1 Phpgurukul | 1 Rail Pass Management System | 2024-11-21 | 7.2 High |
| Sql injection vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to execute arbitrary code via the viewid parameter of the view-enquiry.php file. | ||||
| CVE-2023-31753 | 1 Endonesia | 1 Endonesia | 2024-11-21 | 9.8 Critical |
| SQL injection vulnerability in diskusi.php in eNdonesia 8.7, allows an attacker to execute arbitrary SQL commands via the "rid=" parameter. | ||||
| CVE-2023-31719 | 1 Frangoteam | 1 Fuxa | 2024-11-21 | 9.8 Critical |
| FUXA <= 1.1.12 is vulnerable to SQL Injection via /api/signin. | ||||
| CVE-2023-31717 | 1 Frangoteam | 1 Fuxa | 2024-11-21 | 7.5 High |
| A SQL Injection attack in FUXA <= 1.1.12 allows exfiltration of confidential information from the database. | ||||
| CVE-2023-31714 | 1 Waqaskanju | 1 Chitor-cms | 2024-11-21 | 9.8 Critical |
| Chitor-CMS before v1.1.2 was discovered to contain multiple SQL injection vulnerabilities. | ||||