Export limit exceeded: 19662 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19662 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-63939 1 Anirudhkannanvp 1 Grocery Store Management System 2026-04-17 9.8 Critical
Improper input handling in /Grocery/search_products_itname.php, in anirudhkannan Grocery Store Management System 1.0, allows SQL injection via the sitem_name POST parameter.
CVE-2025-65135 1 Manikandan580 1 School-management-system 2026-04-17 9.8 Critical
In manikandan580 School-management-system 1.0, a time-based blind SQL injection vulnerability exists in /studentms/admin/between-date-reprtsdetails.php through the fromdate POST parameter.
CVE-2026-38528 1 Krayin 1 Laravel-crm 2026-04-17 7.1 High
Krayin CRM v2.2.x was discovered to contain a SQL injection vulnerability via the rotten_lead parameter at /Lead/LeadDataGrid.php.
CVE-2026-37594 1 Sourcecodester 1 Online Employees Work From Home Attendance System 2026-04-17 2.7 Low
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/view_employee.php.
CVE-2026-37592 1 Sourcecodester 1 Storage Unit Rental Management System 2026-04-17 2.7 Low
Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL in the file /storage/admin/maintenance/manage_pricing.php.
CVE-2026-37595 1 Sourcecodester 1 Online Employees Work From Home Attendance System 2026-04-17 2.7 Low
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/manage_employee.php.
CVE-2026-37596 1 Sourcecodester 1 Online Employees Work From Home Attendance System 2026-04-17 2.7 Low
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/manage_department.php.
CVE-2026-37602 1 Sourcecodester 1 Patient Appointment Scheduler System 2026-04-17 2.7 Low
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/user/manage_user.php.
CVE-2026-37601 1 Sourcecodester 1 Patient Appointment Scheduler System 2026-04-17 2.7 Low
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manage_appointment.php.
CVE-2026-37597 1 Sourcecodester 1 Online Employees Work From Home Attendance System 2026-04-17 2.7 Low
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/attendance_list.php.
CVE-2026-37598 1 Sourcecodester 1 Patient Appointment Scheduler System 2026-04-17 2.7 Low
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to arbitrary code execution (RCE) via /scheduler/classes/SystemSettings.php?f=update_settings.
CVE-2026-37600 1 Sourcecodester 1 Patient Appointment Scheduler System 2026-04-17 2.7 Low
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/view_details.php.
CVE-2026-37591 1 Sourcecodester 1 Storage Unit Rental Management System 2026-04-17 2.7 Low
Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/view_details.php.
CVE-2026-37590 1 Sourcecodester 1 Storage Unit Rental Management System 2026-04-17 2.7 Low
SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/rents/manage_rent.php.
CVE-2026-37593 1 Sourcecodester 1 Online Employees Work From Home Attendance System 2026-04-17 2.7 Low
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/view_att.php.
CVE-2026-3148 2 Haben-cs9, Sourcecodester 2 Simple And Nice Shopping Cart Script, Simple And Nice Shopping Cart Script 2026-04-17 7.3 High
A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /signup.php. This manipulation of the argument Username causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
CVE-2026-3149 2 Angeljudesuarez, Itsourcecode 2 College Management System, College Management System 2026-04-17 6.3 Medium
A weakness has been identified in itsourcecode College Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/asign-single-student-subjects.php. Executing a manipulation of the argument course_code can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.
CVE-2026-3150 2 Angeljudesuarez, Itsourcecode 2 College Management System, College Management System 2026-04-17 6.3 Medium
A security vulnerability has been detected in itsourcecode College Management System 1.0. This affects an unknown part of the file /admin/display-teacher.php. The manipulation of the argument teacher_id leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.
CVE-2026-3151 2 Angeljudesuarez, Itsourcecode 2 College Management System, College Management System 2026-04-17 7.3 High
A vulnerability was detected in itsourcecode College Management System 1.0. This vulnerability affects unknown code of the file /login/login.php. The manipulation of the argument email results in sql injection. The attack may be performed from remote. The exploit is now public and may be used.
CVE-2026-3152 2 Angeljudesuarez, Itsourcecode 2 College Management System, College Management System 2026-04-17 7.3 High
A flaw has been found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/teacher-salary.php. This manipulation of the argument teacher_id causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.