Total
14524 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-25047 | 1 Carrcommunications | 1 Rsvpmaker | 2024-11-21 | N/A | 7.2 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker rsvpmaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 9.9.3. | |||||
| CVE-2023-25045 | 1 Carrcommunications | 1 Rsvpmaker | 2024-11-21 | N/A | 6.7 MEDIUM |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 9.9.3. | |||||
| CVE-2023-24840 | 1 Hgiga | 1 Oaklouds Mailsherlock | 2024-11-21 | N/A | 7.2 HIGH |
| HGiga MailSherlock mail query function has vulnerability of insufficient validation for user input. An authenticated remote attacker with administrator privilege can exploit this vulnerability to inject SQL commands to read, modify, and delete the database. | |||||
| CVE-2023-24812 | 1 Misskey | 1 Misskey | 2024-11-21 | N/A | 8.8 HIGH |
| Misskey is an open source, decentralized social media platform. In versions prior to 13.3.3 SQL injection is possible due to insufficient parameter validation in the note search API by tag (notes/search-by-tag). This has been fixed in version 13.3.3. Users are advised to upgrade. Users unable to upgrade should block access to the `api/notes/search-by-tag` endpoint. | |||||
| CVE-2023-24788 | 1 Notrinos | 1 Notrinoserp | 2024-11-21 | N/A | 8.8 HIGH |
| NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customer_delivery.php. | |||||
| CVE-2023-24732 | 1 Simple Customer Relationship Management System Project | 1 Simple Customer Relationship Management System | 2024-11-21 | N/A | 8.8 HIGH |
| Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the gender parameter in the user profile update function. | |||||
| CVE-2023-24731 | 1 Simple Customer Relationship Management System Project | 1 Simple Customer Relationship Management System | 2024-11-21 | N/A | 8.8 HIGH |
| Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the query parameter in the user profile update function. | |||||
| CVE-2023-24730 | 1 Simple Customer Relationship Management System Project | 1 Simple Customer Relationship Management System | 2024-11-21 | N/A | 8.8 HIGH |
| Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the company parameter in the user profile update function. | |||||
| CVE-2023-24729 | 1 Simple Customer Relationship Management System Project | 1 Simple Customer Relationship Management System | 2024-11-21 | N/A | 8.8 HIGH |
| Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the address parameter in the user profile update function. | |||||
| CVE-2023-24728 | 1 Simple Customer Relationship Management System Project | 1 Simple Customer Relationship Management System | 2024-11-21 | N/A | 8.8 HIGH |
| Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the contact parameter in the user profile update function. | |||||
| CVE-2023-24726 | 1 Phpgurukul | 1 Art Gallery Management System | 2024-11-21 | N/A | 9.8 CRITICAL |
| Art Gallery Management System v1.0 was discovered to contain a SQL injection vulnerability via the viewid parameter on the enquiry page. | |||||
| CVE-2023-24655 | 1 Simple Customer Relationship Management System Project | 1 Simple Customer Relationship Management System | 2024-11-21 | N/A | 9.8 CRITICAL |
| Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter under the Profile Update function. | |||||
| CVE-2023-24643 | 1 Judging Management System Project | 1 Judging Management System | 2024-11-21 | N/A | 9.8 CRITICAL |
| Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid parameter at /php-jms/updateBlankTxtview.php. | |||||
| CVE-2023-24258 | 1 Spip | 1 Spip | 2024-11-21 | N/A | 9.8 CRITICAL |
| SPIP v4.1.5 and earlier was discovered to contain a SQL injection vulnerability via the _oups parameter. This vulnerability allows attackers to execute arbitrary code via a crafted POST request. | |||||
| CVE-2023-24253 | 1 Domoticalabs | 1 Ikon Server | 2024-11-21 | N/A | 9.8 CRITICAL |
| Domotica Labs srl Ikon Server before v2.8.6 was discovered to contain a SQL injection vulnerability. | |||||
| CVE-2023-24206 | 1 Davinci Project | 1 Davinci | 2024-11-21 | N/A | 9.8 CRITICAL |
| Davinci v0.3.0-rc was discovered to contain a SQL injection vulnerability via the copyDisplay function. | |||||
| CVE-2023-24000 | 1 Gamipress | 1 Gamipress | 2024-11-21 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GamiPress gamipress allows SQL Injection.This issue affects GamiPress: from n/a through 2.5.7. | |||||
| CVE-2023-23991 | 2024-11-21 | N/A | 7.6 HIGH | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPdevelop / Oplugins Booking Calendar allows SQL Injection.This issue affects Booking Calendar: from n/a through 9.4.3. | |||||
| CVE-2023-23824 | 1 Wp Topbar Project | 1 Wp Topbar | 2024-11-21 | N/A | 6.7 MEDIUM |
| Auth. SQL Injection (SQLi) vulnerability in WP-TopBar <= 5.36 versions. | |||||
| CVE-2023-23758 | 1 Creative-solutions | 1 Creative Gallery | 2024-11-21 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability allows SQL Injection. | |||||