Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-28424 | 1 Baby Care System Project | 1 Baby Care System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&find=. | |||||
| CVE-2022-28425 | 1 Baby Care System Project | 1 Baby Care System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/pagerole.php&action=display&value=1&roleid=. | |||||
| CVE-2022-28426 | 1 Baby Care System Project | 1 Baby Care System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/pagerole.php&action=edit&roleid=. | |||||
| CVE-2020-27232 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-28 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exists in ‘manageServiceStocks.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27231 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-28 | 6.5 MEDIUM | 8.8 HIGH |
| A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findDistrict parameter in ‘‘patientslist.do’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27230 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-28 | 6.5 MEDIUM | 8.8 HIGH |
| A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findSector parameter in ‘‘patientslist.do’ page is vulnerable to authenticated SQL injection An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27243 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-28 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoService parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27242 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-28 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoLocation parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27246 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-28 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoComment parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27244 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-28 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoCode parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27245 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-28 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoBuyer parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27226 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-28 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exists in ‘quickFile.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2022-28420 | 1 Baby Care System Project | 1 Baby Care System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via BabyCare/admin.php?id=theme&setid=. | |||||
| CVE-2022-28417 | 1 Home Owners Collection Management System Project | 1 Home Owners Collection Management System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_phase. | |||||
| CVE-2020-27229 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-28 | 6.5 MEDIUM | 8.8 HIGH |
| A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findPersonID parameter in ‘‘patientslist.do’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27238 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The code parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27239 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The assetStatus parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27234 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3 in the serviceUID parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27233 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3 in the supplierUID parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27235 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3 in the description parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||