Total
15903 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-26599 | 1 Impresscms | 1 Impresscms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| ImpressCMS before 1.4.3 allows include/findusers.php groups SQL Injection. | |||||
| CVE-2021-26578 | 1 Hpe | 1 Network Orchestrator | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A potential security vulnerability has been identified in HPE Network Orchestrator (NetO) version(s): Prior to 2.5. The vulnerability could be remotely exploited with SQL injection. | |||||
| CVE-2021-26232 | 1 Simple College Website Project | 1 Simple College Website | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in SourceCodester Simple College Website v 1.0 allows remote attackers to execute arbitrary SQL statements via the id parameter to news.php. | |||||
| CVE-2021-26231 | 1 Fantastic Blog Cms Project | 1 Fantastic Blog Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in SourceCodester Fantastic Blog CMS v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to category.php. | |||||
| CVE-2021-26229 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_stud.php. | |||||
| CVE-2021-26228 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_class1.php. | |||||
| CVE-2021-26226 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_user.php. | |||||
| CVE-2021-26223 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to view_pay.php. | |||||
| CVE-2021-26201 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Login Panel of CASAP Automated Enrollment System 1.0 is vulnerable to SQL injection authentication bypass. An attacker can obtain access to the admin panel by injecting a SQL query in the username field of the login page. | |||||
| CVE-2021-26200 | 1 Library System Project | 1 Library System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The user area for Library System 1.0 is vulnerable to SQL injection where a user can bypass the authentication and login as the admin user. | |||||
| CVE-2021-26114 | 1 Fortinet | 1 Fortiwan | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiWAN before 4.5.9 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests. | |||||
| CVE-2021-25899 | 1 Void | 1 Aurall Rec Monitor | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. An unauthenticated attacker can send a crafted HTTP request to perform a blind time-based SQL Injection. The vulnerable parameter is param1. | |||||
| CVE-2021-25874 | 1 Youphptube | 1 Youphptube | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| AVideo/YouPHPTube AVideo/YouPHPTube 10.0 and prior is affected by a SQL Injection SQL injection in the catName parameter which allows a remote unauthenticated attacker to retrieve databases information such as application passwords hashes. | |||||
| CVE-2021-25784 | 1 Taogogo | 1 Taocms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Edit Article. | |||||
| CVE-2021-25783 | 1 Taogogo | 1 Taocms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Article Search. | |||||
| CVE-2021-25779 | 1 Baby Care System Project | 1 Baby Care System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Baby Care System v1.0 is vulnerable to SQL injection via the 'id' parameter on the contentsectionpage.php page. | |||||
| CVE-2021-25482 | 1 Google | 1 Android | 2024-11-21 | 3.6 LOW | 5.9 MEDIUM |
| SQL injection vulnerabilities in CMFA framework prior to SMR Oct-2021 Release 1 allow untrusted application to overwrite some CMFA framework information. | |||||
| CVE-2021-25427 | 1 Google | 1 Android | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| SQL injection vulnerability in Bluetooth prior to SMR July-2021 Release 1 allows unauthorized access to paired device information | |||||
| CVE-2021-25213 | 1 Travel Management System Project | 1 Travel Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in SourceCodester Travel Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the catid parameter to subcat.php. | |||||
| CVE-2021-25212 | 1 Alumni Management System Project | 1 Alumni Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in SourceCodester Alumni Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to manage_event.php. | |||||