Total
16884 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-50826 | 1 Lopalopa | 1 E-learning Management System | 2024-11-18 | N/A | 7.2 HIGH |
| A SQL Injection vulnerability was found in /admin/add_content.php in kashipara E-learning Management System Project 1.0 via the title and content parameters. | |||||
| CVE-2024-50825 | 1 Lopalopa | 1 E-learning Management System | 2024-11-18 | N/A | 7.2 HIGH |
| A SQL Injection vulnerability was found in /admin/school_year.php in kashipara E-learning Management System Project 1.0 via the school_year parameter. | |||||
| CVE-2024-50824 | 1 Lopalopa | 1 E-learning Management System | 2024-11-18 | N/A | 7.2 HIGH |
| A SQL Injection vulnerability was found in /admin/class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter. | |||||
| CVE-2024-50823 | 1 Lopalopa | 1 E-learning Management System | 2024-11-18 | N/A | 9.8 CRITICAL |
| A SQL Injection vulnerability was found in /admin/login.php in kashipara E-learning Management System Project 1.0 via the username and password parameters. | |||||
| CVE-2024-50835 | 1 Lopalopa | 1 E-learning Management System | 2024-11-18 | N/A | 7.2 HIGH |
| A SQL Injection vulnerability was found in /admin/edit_student.php in KASHIPARA E-learning Management System Project 1.0 via the cys, un, ln, fn, and id parameters. | |||||
| CVE-2024-50834 | 1 Lopalopa | 1 E-learning Management System | 2024-11-18 | N/A | 7.2 HIGH |
| A SQL Injection was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0 via the firstname and lastname parameters. | |||||
| CVE-2024-50833 | 1 Lopalopa | 1 E-learning Management System | 2024-11-18 | N/A | 9.8 CRITICAL |
| A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System Project 1.0 via the username and password parameters. | |||||
| CVE-2024-50832 | 1 Lopalopa | 1 E-learning Management System | 2024-11-18 | N/A | 7.2 HIGH |
| A SQL Injection vulnerability was found in /admin/edit_class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter. | |||||
| CVE-2024-50831 | 1 Lopalopa | 1 E-learning Management System | 2024-11-18 | N/A | 7.2 HIGH |
| A SQL Injection was found in /admin/admin_user.php in kashipara E-learning Management System Project 1.0 via the username and password parameters. | |||||
| CVE-2024-50830 | 1 Lopalopa | 1 E-learning Management System | 2024-11-18 | N/A | 7.2 HIGH |
| A SQL Injection vulnerability was found in /admin/calendar_of_events.php in kashipara E-learning Management System Project 1.0 via the date_start, date_end, and title parameters. | |||||
| CVE-2024-50829 | 1 Lopalopa | 1 E-learning Management System | 2024-11-18 | N/A | 7.2 HIGH |
| A SQL Injection vulnerability was found in /admin/edit_subject.php in kashipara E-learning Management System Project 1.0 via the unit parameter. | |||||
| CVE-2024-50828 | 1 Lopalopa | 1 E-learning Management System | 2024-11-18 | N/A | 7.2 HIGH |
| A SQL Injection vulnerability was found in /admin/edit_department.php in kashipara E-learning Management System Project 1.0 via the d parameter. | |||||
| CVE-2024-50827 | 1 Lopalopa | 1 E-learning Management System | 2024-11-18 | N/A | 7.2 HIGH |
| A SQL Injection vulnerability was found in /admin/add_subject.php in kashipara E-learning Management System Project 1.0 via the subject_code parameter. | |||||
| CVE-2024-50323 | 1 Ivanti | 1 Endpoint Manager | 2024-11-18 | N/A | 7.8 HIGH |
| SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. User interaction is required. | |||||
| CVE-2024-11124 | 1 Timgeyssens | 1 Ui-o-matic | 2024-11-15 | 5.8 MEDIUM | 4.7 MEDIUM |
| A vulnerability has been found in TimGeyssens UIOMatic 5 and classified as critical. This vulnerability affects unknown code of the file /src/UIOMatic/wwwroot/backoffice/resources/uioMaticObject.r. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-11127 | 1 Anisha | 1 Job Recruitment | 2024-11-15 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in code-projects Job Recruitment up to 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin.php. The manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-51882 | 1 Ehues | 1 Gboy Custom Google Map | 2024-11-15 | N/A | 8.5 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ehues Gboy Custom Google Map allows Blind SQL Injection.This issue affects Gboy Custom Google Map: from n/a through 1.2. | |||||
| CVE-2024-39368 | 2024-11-15 | N/A | 8.0 HIGH | ||
| Improper neutralization of special elements used in an SQL command ('SQL Injection') in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. | |||||
| CVE-2024-11016 | 1 Vice | 1 Webopac | 2024-11-14 | N/A | 9.8 CRITICAL |
| Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents. | |||||
| CVE-2024-47331 | 1 Ninjateam | 1 Multi Step For Contact Form 7 | 2024-11-14 | N/A | 9.3 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NinjaTeam Multi Step for Contact Form allows SQL Injection.This issue affects Multi Step for Contact Form: from n/a through 2.7.7. | |||||