Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-0910 | 1 Online Pizza Ordering System Project | 1 Online Pizza Ordering System | 2023-03-01 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file view_prod.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The identifier of this vulnerability is VDB-221476. | |||||
| CVE-2023-1063 | 1 Doctors Appointment System Project | 1 Doctors Appointment System | 2023-02-28 | N/A | 8.8 HIGH |
| A vulnerability has been found in SourceCodester Doctors Appointment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/patient.php of the component Parameter Handler. The manipulation of the argument search leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221827. | |||||
| CVE-2023-1058 | 1 Doctors Appointment System Project | 1 Doctors Appointment System | 2023-02-28 | N/A | 8.8 HIGH |
| A vulnerability classified as critical has been found in SourceCodester Doctors Appointment System 1.0. This affects an unknown part of the file create-account.php. The manipulation of the argument newemail leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221823. | |||||
| CVE-2023-1062 | 1 Doctors Appointment System Project | 1 Doctors Appointment System | 2023-02-28 | N/A | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in SourceCodester Doctors Appointment System 1.0. Affected is an unknown function of the file /admin/add-new.php of the component Parameter Handler. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-221826 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-1061 | 1 Doctors Appointment System Project | 1 Doctors Appointment System | 2023-02-28 | N/A | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in SourceCodester Doctors Appointment System 1.0. This issue affects some unknown processing of the file /admin/edit-doc.php. The manipulation of the argument oldmail leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221825 was assigned to this vulnerability. | |||||
| CVE-2023-1057 | 1 Doctors Appointment System Project | 1 Doctors Appointment System | 2023-02-28 | N/A | 8.8 HIGH |
| A vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been rated as critical. Affected by this issue is the function edoc of the file login.php. The manipulation of the argument usermail leads to sql injection. VDB-221822 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-1056 | 1 Doctors Appointment System Project | 1 Doctors Appointment System | 2023-02-28 | N/A | 8.8 HIGH |
| A vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /edoc/doctor/patient.php. The manipulation of the argument search12 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221821 was assigned to this vulnerability. | |||||
| CVE-2023-1053 | 1 Music Gallery Site Project | 1 Music Gallery Site | 2023-02-28 | N/A | 9.8 CRITICAL |
| A vulnerability was found in SourceCodester Music Gallery Site 1.0 and classified as critical. This issue affects some unknown processing of the file view_category.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-221819. | |||||
| CVE-2023-1054 | 1 Music Gallery Site Project | 1 Music Gallery Site | 2023-02-28 | N/A | 9.8 CRITICAL |
| A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=user/manage. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-221820. | |||||
| CVE-2023-1059 | 1 Doctors Appointment System Project | 1 Doctors Appointment System | 2023-02-28 | N/A | 8.8 HIGH |
| A vulnerability classified as critical was found in SourceCodester Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/doctors.php of the component Parameter Handler. The manipulation of the argument search leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221824. | |||||
| CVE-2023-24364 | 1 Simple Customer Relationship Management System Project | 1 Simple Customer Relationship Management System | 2023-02-28 | N/A | 8.8 HIGH |
| Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter under the Admin Panel. | |||||
| CVE-2023-24652 | 1 Simple Customer Relationship Management System Project | 1 Simple Customer Relationship Management System | 2023-02-28 | N/A | 8.8 HIGH |
| Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the Description parameter under the Create ticket function. | |||||
| CVE-2023-24654 | 1 Simple Customer Relationship Management System Project | 1 Simple Customer Relationship Management System | 2023-02-28 | N/A | 8.8 HIGH |
| Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter under the Request a Quote function. | |||||
| CVE-2023-24653 | 1 Simple Customer Relationship Management System Project | 1 Simple Customer Relationship Management System | 2023-02-28 | N/A | 8.8 HIGH |
| Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the oldpass parameter under the Change Password function. | |||||
| CVE-2023-24656 | 1 Simple Customer Relationship Management System Project | 1 Simple Customer Relationship Management System | 2023-02-28 | N/A | 8.8 HIGH |
| Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the subject parameter under the Create Ticket function. | |||||
| CVE-2023-0912 | 1 Auto Dealer Management System Project | 1 Auto Dealer Management System | 2023-02-28 | N/A | 8.8 HIGH |
| A vulnerability classified as critical has been found in SourceCodester Auto Dealer Management System 1.0. This affects an unknown part of the file /adms/admin/?page=vehicles/view_transaction. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221481 was assigned to this vulnerability. | |||||
| CVE-2023-0913 | 1 Auto Dealer Management System Project | 1 Auto Dealer Management System | 2023-02-28 | N/A | 8.8 HIGH |
| A vulnerability classified as critical was found in SourceCodester Auto Dealer Management System 1.0. This vulnerability affects unknown code of the file /adms/admin/?page=vehicles/sell_vehicle. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221482 is the identifier assigned to this vulnerability. | |||||
| CVE-2021-33948 | 1 Hotels Server Project | 1 Hotels Server | 2023-02-28 | N/A | 9.8 CRITICAL |
| SQL injection vulnerability in FantasticLBP Hotels Server v1.0 allows attacker to execute arbitrary code via the username parameter. | |||||
| CVE-2023-26093 | 1 Puzzle | 1 Liima | 2023-02-28 | N/A | 9.8 CRITICAL |
| Liima before 1.17.28 allows Hibernate query language (HQL) injection, related to colToSort in the deployment filter. | |||||
| CVE-2012-10008 | 1 Oneapp Project | 1 Oneapp | 2023-02-28 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in uakfdotb oneapp. This issue affects some unknown processing. The manipulation leads to sql injection. The attack may be initiated remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The name of the patch is 5413ac804f1b09f9decc46a6c37b08352c49669c. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-221483. | |||||