Total
14725 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-4466 | 2025-05-09 | 7.3 High | ||
| A vulnerability was found in itsourcecode Gym Management System 1.0. It has been classified as critical. This affects an unknown part of the file /ajax.php?action=save_payment. The manipulation of the argument registration_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4467 | 2025-05-09 | 7.3 High | ||
| A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-admin.php. The manipulation of the argument txtfullname/txtemail/cmddesignation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2022-43023 | 1 Opencats | 1 Opencats | 2025-05-09 | 6.5 Medium |
| OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the importID parameter in the Import viewerrors function. | ||||
| CVE-2022-43022 | 1 Opencats | 1 Opencats | 2025-05-09 | 6.5 Medium |
| OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tag_id variable in the Tag deletion function. | ||||
| CVE-2022-43021 | 1 Opencats | 1 Opencats | 2025-05-09 | 6.5 Medium |
| OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the entriesPerPage variable. | ||||
| CVE-2022-43020 | 1 Opencats | 1 Opencats | 2025-05-09 | 6.5 Medium |
| OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the tag_id variable in the Tag update function. | ||||
| CVE-2022-39056 | 1 Changingtec | 1 Rava Certificate Validation System | 2025-05-09 | 9.8 Critical |
| RAVA certificate validation system has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL command to access, modify and delete database. | ||||
| CVE-2025-4465 | 2025-05-09 | 7.3 High | ||
| A vulnerability was found in itsourcecode Gym Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /ajax.php?action=save_schedule. The manipulation of the argument member_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4464 | 2025-05-09 | 7.3 High | ||
| A vulnerability has been found in itsourcecode Gym Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=save_plan. The manipulation of the argument plan leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4463 | 2025-05-09 | 7.3 High | ||
| A vulnerability, which was classified as critical, was found in itsourcecode Gym Management System 1.0. Affected is an unknown function of the file /ajax.php?action=save_package. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4459 | 2025-05-09 | 6.3 Medium | ||
| A vulnerability was found in code-projects Patient Record Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file fecalysis_form.php. The manipulation of the argument itr_no leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-39841 | 1 Centreon | 1 Centreon Web | 2025-05-09 | 8.8 High |
| A SQL Injection vulnerability exists in the service configuration functionality in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23. | ||||
| CVE-2024-33854 | 1 Centreon | 1 Centreon Web | 2025-05-09 | 9.1 Critical |
| A SQL Injection vulnerability exists in the Graph Template component in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23. | ||||
| CVE-2024-33853 | 1 Centreon | 1 Centreon Web | 2025-05-09 | 9.1 Critical |
| A SQL Injection vulnerability exists in the Timeperiod component in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23. | ||||
| CVE-2024-33852 | 1 Centreon | 1 Centreon Web | 2025-05-09 | 9.1 Critical |
| A SQL Injection vulnerability exists in the Downtime component in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23. | ||||
| CVE-2024-32501 | 1 Centreon | 2 Centreon, Centreon Web | 2025-05-09 | 9.8 Critical |
| A SQL Injection vulnerability exists in the updateServiceHost functionality in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23. | ||||
| CVE-2025-4458 | 2025-05-09 | 6.3 Medium | ||
| A vulnerability was found in code-projects Patient Record Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /edit_upatient.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4073 | 1 Phpgurukul | 1 Student Record System | 2025-05-09 | 7.3 High |
| A vulnerability was found in PHPGurukul Student Record System 3.20. It has been classified as critical. Affected is an unknown function of the file /change-password.php. The manipulation of the argument currentpassword leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4072 | 1 Phpgurukul | 1 Online Nurse Hiring System | 2025-05-09 | 6.3 Medium |
| A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/edit-nurse.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Multiple parameters might be affected. | ||||
| CVE-2025-4071 | 1 Phpgurukul | 1 Covid19 Testing Management System | 2025-05-09 | 7.3 High |
| A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /test-details.php. The manipulation of the argument Status leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||