Export limit exceeded: 19337 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19337 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-10203 | 1 Ofcms | 1 Ofcms | 2026-06-01 | 6.3 Medium |
| A security flaw has been discovered in OFCMS 1.1.3. Impacted is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemParamController.java of the component JSON Query Interface. The manipulation results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-10250 | 1 Itsourcecode | 1 Online Blood Bank Management System | 2026-06-01 | 7.3 High |
| A security flaw has been discovered in itsourcecode Online Blood Bank Management System 1.0. The affected element is an unknown function of the file /admin/campsdetails.php. Performing a manipulation of the argument hospital results in sql injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2024-12143 | 2026-06-01 | 9.8 Critical | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mobilteg Mobile Informatics Mikro Hand Terminal - MikroDB allows SQL Injection. This issue affects Mikro Hand Terminal - MikroDB. NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available. | ||||
| CVE-2024-12144 | 2026-06-01 | 9.8 Critical | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Finder Fire Safety Finder ERP/CRM (Old System) allows SQL Injection. This issue affects Finder ERP/CRM (Old System): before 18.12.2024. | ||||
| CVE-2024-12146 | 2026-06-01 | 7.5 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Finder Fire Safety Finder ERP/CRM (New System) allows SQL Injection. This issue affects Finder ERP/CRM (New System): before 18.12.2024. | ||||
| CVE-2024-12150 | 2026-06-01 | 9.8 Critical | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eron Software Wowwo CRM allows Blind SQL Injection. This issue affects Wowwo CRM. NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available. | ||||
| CVE-2024-12364 | 2026-06-01 | 9.8 Critical | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mavi Yeşil Software Guest Tracking Software allows SQL Injection. This issue affects Guest Tracking Software. NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available. | ||||
| CVE-2026-40546 | 1 Soplanning | 1 Soplanning | 2026-06-01 | N/A |
| SOPlanning is vulnerable to SQL Injection across multiple endpoints and parameters. Attacker with low privileges can inject arbitrary SQL commands, potentially gaining full control over the database. This issue affects SOPlanning version 1.55 and below. | ||||
| CVE-2024-12913 | 2026-06-01 | 8.8 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Megatek Communication System Azora Wireless Network Management allows SQL Injection. This issue affects Azora Wireless Network Management: through 20250916. NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available. | ||||
| CVE-2024-12916 | 2026-06-01 | 8.8 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agito Computer Life4All allows SQL Injection. This issue affects Life4All: before 10.01.2025. | ||||
| CVE-2024-12918 | 2026-06-01 | 8.8 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agito Computer Health4All allows SQL Injection. This issue affects Health4All: before 10.01.2025. | ||||
| CVE-2026-10186 | 1 Code-projects | 1 Online Hospital Management System | 2026-06-01 | 7.3 High |
| A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulation of the argument editid leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2024-13147 | 2026-06-01 | 9.8 Critical | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Merkur Software B2B Login Panel allows SQL Injection. This issue affects B2B Login Panel: before 15.01.2025. | ||||
| CVE-2024-13148 | 2026-06-01 | 9.8 Critical | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yukseloglu Filter B2B Login Platform allows SQL Injection. This issue affects B2B Login Platform: before 16.01.2025. | ||||
| CVE-2024-13149 | 1 Arma Store | 1 Armalife | 2026-06-01 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 200 - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Arma Store Armalife allows SQL Injection. This issue affects Armalife: through 20250916. NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available. | ||||
| CVE-2024-13150 | 1 Fayton | 1 Pro Erp | 2026-06-01 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Fayton Software and Consulting Services fayton.Pro ERP allows SQL Injection. This issue affects fayton.Pro ERP: through 20250929. | ||||
| CVE-2024-13152 | 2026-06-01 | 10 Critical | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BSS Software Mobuy Online Machinery Monitoring Panel allows SQL Injection. This issue affects Mobuy Online Machinery Monitoring Panel: before 2.0. | ||||
| CVE-2024-13174 | 1 E1 Informatics | 1 Web Application | 2026-06-01 | 8.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in E1 Informatics Web Application allows SQL Injection. This issue affects Web Application: through 20250916. NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available. | ||||
| CVE-2023-0939 | 1 Online Services Project | 1 Online Services | 2026-06-01 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NTN Information Technologies Online Services Software allows SQL Injection. This issue affects Online Services Software: before 1.17. | ||||
| CVE-2023-0979 | 1 Meddatapacs | 1 Meddatapacs | 2026-06-01 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MedData MedDataPACS allows SQL Injection. This issue affects MedDataPACS : before 2023-03-03. | ||||