Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2024-11-14 CVE-2024-50829 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection vulnerability was found in /admin/edit_subject.php in kashipara E-learning Management System Project 1.0 via the unit parameter.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-11-14 CVE-2024-50830 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection vulnerability was found in /admin/calendar_of_events.php in kashipara E-learning Management System Project 1.0 via the date_start, date_end, and title parameters.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-11-14 CVE-2024-50831 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection was found in /admin/admin_user.php in kashipara E-learning Management System Project 1.0 via the username and password parameters.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-11-14 CVE-2024-50832 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection vulnerability was found in /admin/edit_class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-11-14 CVE-2024-50833 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System Project 1.0 via the username and password parameters.
network
low complexity
lopalopa CWE-89
critical
 9.8
9.8
2024-11-14 CVE-2024-50834 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0 via the firstname and lastname parameters.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-11-14 CVE-2024-50835 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection vulnerability was found in /admin/edit_student.php in KASHIPARA E-learning Management System Project 1.0 via the cys, un, ln, fn, and id parameters.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-11-14 CVE-2024-11213 SQL Injection vulnerability in Mayurik Best Employee Management System 1.0
A vulnerability, which was classified as critical, was found in SourceCodester Best Employee Management System 1.0.
network
low complexity
mayurik CWE-89
7.2
7.2
2024-11-14 CVE-2024-11212 SQL Injection vulnerability in Mayurik Best Employee Management System 1.0
A vulnerability, which was classified as critical, has been found in SourceCodester Best Employee Management System 1.0.
network
low complexity
mayurik CWE-89
8.8
8.8
2024-11-13 CVE-2024-50970 SQL Injection vulnerability in Nikoarroyocuraza Online Furniture Shopping Project 1.0
A SQL injection vulnerability in orderview1.php of Itsourcecode Online Furniture Shopping Project 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
nikoarroyocuraza CWE-89
8.8
8.8