Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-09 | CVE-2024-25314 | SQL Injection vulnerability in Hotel Management System Project Hotel Management System 1.0 Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'sid' parameter in Hotel/admin/show.php?sid=2. | 9.8 |
2024-02-09 | CVE-2024-25315 | SQL Injection vulnerability in Hotel Management System Project Hotel Management System 1.0 Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'rid' parameter in Hotel/admin/roombook.php?rid=2. | 9.8 |
2024-02-09 | CVE-2024-25316 | SQL Injection vulnerability in Hotel Management System Project Hotel Management System 1.0 Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'eid' parameter in Hotel/admin/usersettingdel.php?eid=2. | 9.8 |
2024-02-09 | CVE-2024-25318 | SQL Injection vulnerability in Hotel Management System Project Hotel Management System 1.0 Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'pid' parameter in Hotel/admin/print.php?pid=2. | 8.8 |
2024-02-09 | CVE-2024-25304 | SQL Injection vulnerability in Code-Projects Simple School Management System 1.0 Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'apass' parameter at "School/index.php." | 8.8 |
2024-02-09 | CVE-2024-25305 | SQL Injection vulnerability in Code-Projects Simple School Management System 1.0 Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/index.php. | 8.8 |
2024-02-09 | CVE-2024-25306 | SQL Injection vulnerability in Code-Projects Simple School Management System 1.0 Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php". | 8.8 |
2024-02-09 | CVE-2024-25308 | SQL Injection vulnerability in Code-Projects Simple School Management System 1.0 Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'name' parameter at School/teacher_login.php. | 8.8 |
2024-02-09 | CVE-2024-25309 | SQL Injection vulnerability in Code-Projects Simple School Management System 1.0 Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'pass' parameter at School/teacher_login.php. | 8.8 |
2024-02-09 | CVE-2024-25312 | SQL Injection vulnerability in Code-Projects Simple School Management System 1.0 Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/sub_delete.php?id=5." | 8.8 |