Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-89
Total 15762 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-30246 1 Judging Management System Project 1 Judging Management System 2025-01-24 N/A 9.8 CRITICAL
SQL injection vulnerability found in Judging Management System v.1.0 allows a remote attacker to execute arbitrary code via the contestant_id parameter.
CVE-2023-29809 1 Companymaps Project 1 Companymaps 2025-01-24 N/A 9.8 CRITICAL
SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attacker to execute arbitrary code via a crafted script in the request.
CVE-2023-31621 1 Openlinksw 1 Virtuoso 2025-01-24 N/A 7.5 HIGH
An issue in the kc_var_col component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31620 1 Openlinksw 1 Virtuoso 2025-01-24 N/A 7.5 HIGH
An issue in the dv_compare component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31622 1 Openlinksw 1 Virtuoso 2025-01-23 N/A 7.5 HIGH
An issue in the sqlc_make_policy_trig component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31845 1 Faculty Evaluation System Project 1 Faculty Evaluation System 2025-01-23 N/A 7.2 HIGH
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_class.php?id=.
CVE-2023-31844 1 Faculty Evaluation System Project 1 Faculty Evaluation System 2025-01-23 N/A 7.2 HIGH
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_subject.php?id=.
CVE-2023-31625 1 Openlinksw 1 Virtuoso 2025-01-23 N/A 7.5 HIGH
An issue in the psiginfo component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31624 1 Openlinksw 1 Virtuoso 2025-01-23 N/A 7.5 HIGH
An issue in the sinv_check_exp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31623 1 Openlinksw 1 Virtuoso 2025-01-23 N/A 7.5 HIGH
An issue in the mp_box_copy component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31843 1 Faculty Evaluation System Project 1 Faculty Evaluation System 2025-01-23 N/A 7.2 HIGH
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/view_faculty.php?id=.
CVE-2023-31842 1 Faculty Evaluation System Project 1 Faculty Evaluation System 2025-01-23 N/A 7.2 HIGH
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/index.php?page=edit_faculty&id=.
CVE-2023-31631 1 Openlinksw 1 Virtuoso 2025-01-23 N/A 7.5 HIGH
An issue in the sqlo_preds_contradiction component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31630 1 Openlinksw 1 Virtuoso 2025-01-23 N/A 7.5 HIGH
An issue in the sqlo_query_spec component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31629 1 Openlinksw 1 Virtuoso 2025-01-23 N/A 7.5 HIGH
An issue in the sqlo_union_scope component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31628 1 Openlinksw 1 Virtuoso 2025-01-23 N/A 7.5 HIGH
An issue in the stricmp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31627 1 Openlinksw 1 Virtuoso 2025-01-23 N/A 7.5 HIGH
An issue in the strhash component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31626 1 Openlinksw 1 Virtuoso 2025-01-23 N/A 7.5 HIGH
An issue in the gpf_notice component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31616 1 Openlinksw 1 Virtuoso 2025-01-23 N/A 7.5 HIGH
An issue in the bif_mod component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-26262 1 Ebmtech 1 Uniweb\/solipacs Webserver 2025-01-23 N/A 8.8 HIGH
EBM Technologies Uniweb/SoliPACS WebServer's query functionality lacks proper restrictions of user input, allowing remote attackers authenticated as regular user to inject SQL commands for reading, modifying, and deleting database records, as well as executing system commands. Attackers may even leverage the dbo privilege in the database for privilege escalation, elevating their privileges to administrator .