Total
14521 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-44838 | 1 Openrapid | 1 Rapidcms | 2025-04-22 | N/A | 9.8 CRITICAL |
| RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the username parameter at /resource/runlogin.php. | |||||
| CVE-2024-44839 | 1 Openrapid | 1 Rapidcms | 2025-04-22 | N/A | 9.8 CRITICAL |
| RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the articleid parameter at /default/article.php. | |||||
| CVE-2024-45771 | 1 Openrapid | 1 Rapidcms | 2025-04-22 | N/A | 9.8 CRITICAL |
| RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the password parameter at /resource/runlogin.php. | |||||
| CVE-2025-27135 | 1 Infiniflow | 1 Ragflow | 2025-04-22 | N/A | 9.8 CRITICAL |
| RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. Versions 0.15.1 and prior are vulnerable to SQL injection. The ExeSQL component extracts the SQL statement from the input and sends it directly to the database query. As of time of publication, no patched version is available. | |||||
| CVE-2022-46117 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-22 | N/A | 7.2 HIGH |
| Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=view_product&id=. | |||||
| CVE-2022-46072 | 1 Helmet Store Showroom Project | 1 Helmet Store Showroom | 2025-04-22 | N/A | 9.8 CRITICAL |
| Helmet Store Showroom v1.0 vulnerable to unauthenticated SQL Injection. | |||||
| CVE-2022-46071 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-22 | N/A | 9.8 CRITICAL |
| There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability can be exploited to bypass admin access. | |||||
| CVE-2022-46126 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-21 | N/A | 7.2 HIGH |
| Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/brands/manage_brand.php?id=. | |||||
| CVE-2022-46125 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-21 | N/A | 7.2 HIGH |
| Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=client/manage_client&id=. | |||||
| CVE-2022-46124 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-21 | N/A | 7.2 HIGH |
| Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=user/manage_user&id=. | |||||
| CVE-2022-46123 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-21 | N/A | 7.2 HIGH |
| Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/categories/manage_category.php?id=. | |||||
| CVE-2025-22930 | 2025-04-21 | N/A | 9.8 CRITICAL | ||
| OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the groupid parameter at /messaging/Group.php. | |||||
| CVE-2025-22929 | 2025-04-21 | N/A | 9.8 CRITICAL | ||
| OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the filter_id parameter at /students/StudentFilters.php. | |||||
| CVE-2025-22928 | 2025-04-21 | N/A | 9.8 CRITICAL | ||
| OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the cp_id parameter at /modules/messages/Inbox.php. | |||||
| CVE-2024-57760 | 1 Jeewms | 1 Jeewms | 2025-04-21 | N/A | 6.5 MEDIUM |
| JeeWMS before v2025.01.01 was discovered to contain a SQL injection vulnerability via the ReportId parameter at /core/CGReportDao.java. | |||||
| CVE-2024-52724 | 1 Zzcms | 1 Zzcms | 2025-04-21 | N/A | 9.8 CRITICAL |
| ZZCMS 2023 was discovered to contain a SQL injection vulnerability in /q/show.php. | |||||
| CVE-2024-50713 | 1 Smarts-srl | 1 Smart Agent | 2025-04-21 | N/A | 9.8 CRITICAL |
| SmartAgent v1.1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tests/interface.php. | |||||
| CVE-2024-50716 | 1 Smarts-srl | 1 Smart Agent | 2025-04-21 | N/A | 9.8 CRITICAL |
| SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary code via the id parameter in the /sendPushManually.php component. | |||||
| CVE-2022-46127 | 1 Helmet Store Showroom Site Project | 1 Helmet Store Showroom Site | 2025-04-21 | N/A | 7.2 HIGH |
| Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/classes/Master.php?f=delete_product. | |||||
| CVE-2021-31650 | 1 Online Grading System Project | 1 Online Grading System | 2025-04-21 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability in Sourcecodester Online Grading System 1.0 allows remote attackers to execute arbitrary SQL commands via the uname parameter. | |||||