CWE-74: Injection
The product constructs all or part of a command, data structure, or record using externally-influenced input, but does not neutralize or incorrectly neutralizes special elements that could modify the intended behavior.
All Injection CVEs (2,264)
Oct 27, 2025: This SQL injection vulnerability in code-projects Food Ordering System 1.0 allows attackers to manipulate database queries through the itemPrice param...
Oct 27, 2025: This SQL injection vulnerability in Bdtask Wholesale Inventory Control and Inventory Management System allows attackers to manipulate database queries...
Oct 19, 2025: This SQL injection vulnerability in Vvveb CMS allows attackers to execute arbitrary SQL commands through the Raw SQL Handler import function. It affec...
Oct 13, 2025: This SQL injection vulnerability in code-projects Automated Voting System 1.0 allows attackers to manipulate database queries through the Password par...
Oct 13, 2025: This SQL injection vulnerability in Campcodes Online Beauty Parlor Management System 1.0 allows attackers to manipulate database queries through the '...
Oct 11, 2025: This vulnerability allows SQL injection through the mobilenumber parameter in the /admin-profile.php file of Campcodes Online Apartment Visitor Manage...
Oct 6, 2025: CVE-2025-11342 is a SQL injection vulnerability in code-projects Online Course Registration 1.0 that allows attackers to manipulate database queries t...
Sep 27, 2025: This vulnerability allows remote attackers to execute arbitrary commands on Keyfactor RG-EW5100BE devices by injecting malicious commands through the ...
Sep 26, 2025: This vulnerability allows remote attackers to execute arbitrary code through template management functionality in MuYuCMS. It affects all installation...
Sep 18, 2025: This SQL injection vulnerability in SeaCMS allows attackers to manipulate database queries through the /admin_members.php endpoint. Attackers can pote...
Sep 14, 2025: This CVE describes a code injection vulnerability in the fcba_zzm ics-park Smart Park Management System 2.0, specifically in the Scheduled Task Module...
Sep 9, 2025: This SQL injection vulnerability in Maccms10 allows attackers to manipulate database queries through the 'where' parameter in the 'rep' function. Atta...
Sep 8, 2025: This SQL injection vulnerability in SourceCodester Pet Grooming Management Software 1.0 allows attackers to manipulate database queries through the pr...
Sep 2, 2025: This SQL injection vulnerability in RemoteClinic 2.0 allows attackers to manipulate database queries through the ID parameter in /staff/profile.php. A...
Jul 7, 2025: This critical SQL injection vulnerability in the itsourcecode Employee Management System allows attackers to manipulate database queries through the c...
Jul 7, 2025: This critical SQL injection vulnerability in Campcodes Complaint Management System 1.0 allows remote attackers to execute arbitrary SQL commands via t...
Jun 29, 2025: This vulnerability allows remote attackers to execute arbitrary SQL commands via the ID parameter in the /admin/testimonials/manage.php file of Source...
Jun 29, 2025: CVE-2025-6867 is a critical SQL injection vulnerability in SourceCodester Simple Company Website 1.0 that allows remote attackers to execute arbitrary...
Jun 29, 2025: This SQL injection vulnerability in code-projects Product Inventory System 1.0 allows attackers to manipulate database queries through the ID paramete...
Jun 12, 2025: This is a critical SQL injection vulnerability in the like-girl software version 5.2.0. Attackers can remotely exploit the /admin/ipAddPost.php file b...
Jun 12, 2025: This critical SQL injection vulnerability in kiCode111 like-girl 5.2.0 allows remote attackers to execute arbitrary SQL commands via the /admin/ImgUpd...
Jun 12, 2025: This CVE describes a critical SQL injection vulnerability in kiCode111 like-girl version 5.2.0. Attackers can exploit the /admin/ImgAddPost.php file b...
May 26, 2025: This critical SQL injection vulnerability in SourceCodester Client Database Management System 1.0 allows attackers to execute arbitrary SQL commands v...
May 25, 2025: This CVE describes a critical code injection vulnerability in DedeCMS 5.7.117 that allows remote attackers to execute arbitrary code by manipulating t...
May 7, 2025: This vulnerability allows unauthenticated remote attackers to inject HTML content into authenticated users' browsers via the Cisco Catalyst SD-WAN Man...
Apr 19, 2025: This critical SQL injection vulnerability in SeaCMS allows remote attackers to execute arbitrary SQL commands via the e_id parameter in the /admin_top...
Apr 18, 2025: This critical SQL injection vulnerability in SeaCMS allows remote attackers to execute arbitrary SQL commands through the /admin_link.php endpoint. At...
Apr 14, 2025: This critical vulnerability in WuzhiCMS 4.1 allows remote attackers to execute arbitrary code through code injection in the Setting Handler component....
Mar 23, 2025: A critical SQL injection vulnerability exists in CodeZips Hospital Management System 1.0 via the /suadpeted.php file's ID parameter. This allows remot...
Mar 17, 2025: This critical vulnerability in code-projects Online Class and Exam Scheduling System 1.0 allows remote attackers to execute SQL injection attacks via ...
Mar 17, 2025: This critical SQL injection vulnerability in code-projects Online Class and Exam Scheduling System 1.0 allows remote attackers to execute arbitrary SQ...
Mar 9, 2025: This critical SQL injection vulnerability in ftcms 2.1 allows remote attackers to execute arbitrary SQL commands through the name parameter in the sea...
Mar 7, 2025: This critical SQL injection vulnerability in Blood Bank Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the state_...
Mar 6, 2025: This is a critical SQL injection vulnerability in code-projects Blood Bank Management System 1.0 that allows attackers to manipulate database queries ...
Mar 6, 2025: This critical SQL injection vulnerability in Blood Bank Management System 1.0 allows attackers to execute arbitrary SQL commands via the member_id par...
Mar 4, 2025: This critical SQL injection vulnerability in PHPGurukul Restaurant Table Booking System 1.0 allows attackers to manipulate database queries through th...
Feb 24, 2025: This vulnerability in ShopXO allows remote attackers to perform injection attacks through the template handler component. It affects all ShopXO instal...
Feb 11, 2025: This critical SQL injection vulnerability in 1000 Projects Bookstore Management System 1.0 allows remote attackers to execute arbitrary SQL commands v...
Jan 28, 2025: This critical SQL injection vulnerability in Pimcore Customer Data Framework allows remote attackers to execute arbitrary SQL commands via the filterD...
Nov 25, 2024: This CVE describes a critical command injection vulnerability in EnGenius networking devices that allows remote attackers to execute arbitrary command...
Nov 25, 2024: This critical vulnerability allows remote attackers to execute arbitrary commands on affected EnGenius networking devices by injecting malicious input...
Nov 25, 2024: This critical vulnerability allows remote attackers to execute arbitrary commands on affected EnGenius networking devices by injecting malicious input...
Nov 25, 2024: This critical vulnerability in EnGenius wireless access points allows remote attackers to execute arbitrary commands via command injection in the trac...
Nov 25, 2024: This critical vulnerability in EnGenius networking devices allows remote attackers to execute arbitrary commands by manipulating the 'https_enable' pa...
Nov 14, 2024: This critical vulnerability in SourceCodester Best Employee Management System 1.0 allows authenticated attackers to perform SQL injection attacks via ...
Nov 10, 2024: This vulnerability allows remote attackers to execute SQL injection attacks against the Real Estate Management System by manipulating the 'id' paramet...
Nov 7, 2024: This is a SQL injection vulnerability in the Interlib Library Cluster Automation Management System that allows attackers to execute arbitrary SQL comm...
Feb 2, 2026: This CVE describes a command injection vulnerability in Yealink MeetingBar A30's Diagnostic Handler component. Attackers with physical access to the d...
Jan 19, 2026: This vulnerability allows attackers to inject malicious scripts into the E-Learning System's lesson module through Title/Description fields. When exec...
Dec 30, 2025: This CVE describes a vulnerability in Composer PHP dependency manager where attackers controlling remote package sources could inject ANSI control cha...
About Injection (CWE-74)
Our database tracks 2,264 CVEs classified as CWE-74, with 133 rated critical and 1,328 rated high severity. The average CVSS score for Injection vulnerabilities is 7.0.
External reference: View CWE-74 on MITRE CWE →