Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-37372 | 1 Siemens | 1 Ruggedcom Crossbow | 2023-08-10 | N/A | 9.8 CRITICAL |
| A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an unauthenticated remote attackers to execute arbitrary SQL queries on the server database. | |||||
| CVE-2023-3898 | 1 Mayanets | 1 E-commerce | 2023-08-10 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mAyaNet E-Commerce Software allows SQL Injection.This issue affects E-Commerce Software: before 1.1. | |||||
| CVE-2023-39524 | 1 Prestashop | 1 Prestashop | 2023-08-10 | N/A | 9.8 CRITICAL |
| PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, SQL injection possible in the product search field, in BO's product page. Version 8.1.1 contains a patch for this issue. There are no known workarounds. | |||||
| CVE-2023-39344 | 1 Fobybus | 1 Social-media-skeleton | 2023-08-10 | N/A | 8.8 HIGH |
| social-media-skeleton is an uncompleted social media project. A SQL injection vulnerability in the project allows UNION based injections, which indirectly leads to remote code execution. Commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1 contains a fix for this issue. | |||||
| CVE-2023-37682 | 1 Judging Management System Project | 1 Judging Management System | 2023-08-10 | N/A | 9.8 CRITICAL |
| Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php-jms/deductScores.php. | |||||
| CVE-2023-3716 | 1 Oduyo | 1 Online Collection | 2023-08-10 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Oduyo Online Collection Software allows SQL Injection.This issue affects Online Collection Software: before 1.0.1. | |||||
| CVE-2023-39526 | 1 Prestashop | 1 Prestashop | 2023-08-09 | N/A | 9.8 CRITICAL |
| PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to remote code execution through SQL injection and arbitrary file write in the back office. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds. | |||||
| CVE-2023-38773 | 1 Churchcrm | 1 Churchcrm | 2023-08-09 | N/A | 7.5 HIGH |
| SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the volopp1 and volopp2 parameters within the /QueryView.php. | |||||
| CVE-2023-38771 | 1 Churchcrm | 1 Churchcrm | 2023-08-09 | N/A | 7.5 HIGH |
| SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the volopp parameter within the /QueryView.php. | |||||
| CVE-2023-38770 | 1 Churchcrm | 1 Churchcrm | 2023-08-09 | N/A | 7.5 HIGH |
| SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the group parameter within the /QueryView.php. | |||||
| CVE-2023-38769 | 1 Churchcrm | 1 Churchcrm | 2023-08-09 | N/A | 7.5 HIGH |
| SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the searchstring and searchwhat parameters within the /QueryView.php. | |||||
| CVE-2023-38768 | 1 Churchcrm | 1 Churchcrm | 2023-08-09 | N/A | 7.5 HIGH |
| SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the PropertyID parameter within the /QueryView.php. | |||||
| CVE-2023-38767 | 1 Churchcrm | 1 Churchcrm | 2023-08-09 | N/A | 7.5 HIGH |
| SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the 'value' and 'custom' parameters within the /QueryView.php. | |||||
| CVE-2023-38765 | 1 Churchcrm | 1 Churchcrm | 2023-08-09 | N/A | 7.5 HIGH |
| SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the membermonth parameter within the /QueryView.php. | |||||
| CVE-2023-38764 | 1 Churchcrm | 1 Churchcrm | 2023-08-09 | N/A | 7.5 HIGH |
| SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the birthmonth and percls parameters within the /QueryView.php. | |||||
| CVE-2023-38763 | 1 Churchcrm | 1 Churchcrm | 2023-08-09 | N/A | 6.5 MEDIUM |
| SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the FundRaiserID parameter within the /FundRaiserEditor.php endpoint. | |||||
| CVE-2023-23757 | 1 Bestaddon | 1 Bestaddon Gallery | 2023-08-09 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability allows SQL Injection. | |||||
| CVE-2023-23758 | 1 Creative-solutions | 1 Creative Gallery | 2023-08-09 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability allows SQL Injection. | |||||
| CVE-2023-34476 | 1 Mooj | 1 Proforms | 2023-08-09 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability allows SQL Injection. | |||||
| CVE-2023-34477 | 1 Braincert | 1 Virtual Classroom | 2023-08-09 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability allows SQL Injection. | |||||