CWE-74: Injection

This SQL injection vulnerability in SourceCodester Hotel and Lodge Management System 1.0 allows attackers to manipulate database queries through the '...

This SQL injection vulnerability in SourceCodester Hotel and Lodge Management System 1.0 allows attackers to execute arbitrary SQL commands via the ID...

CVE-2025-11358 is a SQL injection vulnerability in Simple Banking System 1.0 that allows remote attackers to execute arbitrary SQL commands via the ID...

This vulnerability in ILIAS learning management system allows remote attackers to execute arbitrary code through the Certificate Import Handler compon...

This SQL injection vulnerability in PHPGurukul Beauty Parlour Management System 1.1 allows attackers to manipulate database queries through the fromda...

This CVE describes a command injection vulnerability in Belkin F9K1015 routers. Attackers can remotely execute arbitrary commands by manipulating the ...

This SQL injection vulnerability in CodeAstro Online Leave Application 1.0 allows attackers to manipulate database queries through the 'city' paramete...

This SQL injection vulnerability in CodeAstro Online Leave Application 1.0 allows attackers to manipulate database queries through the absence[] param...

This SQL injection vulnerability in CodeAstro Electricity Billing System 1.0 allows attackers to manipulate database queries through the uid parameter...

This vulnerability allows remote attackers to execute arbitrary commands on D-Link DIR-823X routers by exploiting a command injection flaw in the uci_...

This CVE describes a command injection vulnerability in D-Link DIR-823X routers that allows remote attackers to execute arbitrary commands on affected...

This vulnerability allows remote attackers to execute arbitrary commands on D-Link DIR-823X routers through command injection in the uci_del function....

This vulnerability allows remote attackers to execute arbitrary commands on D-Link DIR-823X routers by injecting malicious commands into the mac param...

This CVE describes a command injection vulnerability in D-Link DIR-823X routers that allows remote attackers to execute arbitrary commands on affected...

CVE-2025-11088 is an SQL injection vulnerability in itsourcecode Open Source Job Portal 1.0 that allows attackers to manipulate database queries throu...

CVE-2025-11038 is a SQL injection vulnerability in itsourcecode Online Clinic Management System 1.0 that allows attackers to manipulate database queri...

CVE-2025-11041 is an SQL injection vulnerability in itsourcecode Open Source Job Portal 1.0 that allows attackers to manipulate database queries throu...

This vulnerability allows remote attackers to execute arbitrary commands on Wavlink NU516U1 devices by exploiting a command injection flaw in the fire...

This vulnerability allows remote attackers to execute arbitrary commands on Wavlink NU516U1 routers by injecting malicious input into the mac_5g param...

This CVE describes a command injection vulnerability in Wavlink NU516U1 routers running firmware version M16U1_V240425. Attackers can remotely execute...

This vulnerability allows remote attackers to execute arbitrary commands on Wavlink NU516U1 routers by exploiting a command injection flaw in the fire...

This vulnerability allows remote attackers to execute arbitrary commands on Wavlink NU516U1 routers by injecting malicious input into the DeleteMac pa...

This vulnerability allows remote attackers to execute arbitrary commands on Wavlink NU516U1 routers by injecting malicious commands through the macAdd...

Campcodes Society Membership Information System 1.0 contains a SQL injection vulnerability in the /check_student.php file via the student_id parameter...

This SQL injection vulnerability in Portabilis i-Educar allows attackers to execute arbitrary SQL commands through the /module/Cadastro/aluno endpoint...

This SQL injection vulnerability in Portabilis i-Educar allows attackers to execute arbitrary SQL commands by manipulating the ID parameter in the /mo...

This SQL injection vulnerability in Portabilis i-Educar allows attackers to manipulate database queries through the /module/ComponenteCurricular/edit ...

This SQL injection vulnerability in SourceCodester Pet Grooming Management Software 1.0 allows attackers to manipulate database queries via the sql111...

This SQL injection vulnerability in SourceCodester Pet Grooming Management Software allows attackers to manipulate database queries through the ID par...

This vulnerability allows remote attackers to execute arbitrary SQL commands through the viewid parameter in the /admin/view-appointment.php file of C...

Campcodes Online Beauty Parlor Management System 1.0 contains a SQL injection vulnerability in the /admin/sales-reports-detail.php file through the fr...

This SQL injection vulnerability in Campcodes Online Beauty Parlor Management System 1.0 allows attackers to manipulate database queries through the f...

This SQL injection vulnerability in Campcodes Online Beauty Parlor Management System 1.0 allows attackers to manipulate database queries through the e...

This SQL injection vulnerability in Campcodes Online Beauty Parlor Management System 1.0 allows attackers to manipulate database queries through the m...

This SQL injection vulnerability in Campcodes Online Beauty Parlor Management System 1.0 allows attackers to manipulate database queries through the '...

This CVE describes a SQL injection vulnerability in kuaifan DooTask's UsersController.php file. Attackers can remotely exploit this by manipulating th...

This vulnerability allows remote attackers to execute arbitrary commands on D-Link DIR-645 routers by exploiting a command injection flaw in the SOAP ...

This CVE describes a SQL injection vulnerability in SourceCodester Online Polling System 1.0, specifically in the /admin/positions.php file's ID param...

This SQL injection vulnerability in itsourcecode Online Clinic Management System 1.0 allows attackers to manipulate database queries through the first...

This SQL injection vulnerability in itsourcecode Student Information System 1.0 allows attackers to manipulate database queries through the level_id p...

This SQL injection vulnerability in SourceCodester Online Student File Management System 1.0 allows attackers to execute arbitrary SQL commands via th...

This SQL injection vulnerability in SourceCodester Online Student File Management System 1.0 allows attackers to manipulate database queries through t...

This SQL injection vulnerability in SourceCodester Online Student File Management System 1.0 allows attackers to manipulate database queries through t...

CVE-2025-10592 is an SQL injection vulnerability in itsourcecode Online Public Access Catalog OPAC 1.0 that allows attackers to execute arbitrary SQL ...

This SQL injection vulnerability in SourceCodester Online Student File Management System 1.0 allows attackers to manipulate database queries through t...

This SQL injection vulnerability in SourceCodester Online Student File Management System 1.0 allows attackers to manipulate database queries through t...

This SQL injection vulnerability in RuoYi's blacklist handler allows attackers to execute arbitrary SQL commands on affected systems. It affects RuoYi...

This SQL injection vulnerability in SourceCodester Pet Grooming Management Software 1.0 allows attackers to manipulate database queries through the /a...

This SQL injection vulnerability in SourceCodester Pet Grooming Management Software 1.0 allows attackers to manipulate database queries via the ID par...

This SQL injection vulnerability in SourceCodester Pet Grooming Management Software 1.0 allows remote attackers to execute arbitrary SQL commands via ...