Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-27236 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3 in the compnomenclature parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27237 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The code parameter in the The nomenclature parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2019-19499 | 1 Grafana | 1 Grafana | 2022-04-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations. | |||||
| CVE-2022-29498 | 1 Blazer Project | 1 Blazer | 2022-04-28 | 4.3 MEDIUM | 7.5 HIGH |
| Blazer before 2.6.0 allows SQL Injection. In certain circumstances, an attacker could get a user to run a query they would not have normally run. | |||||
| CVE-2022-28431 | 1 Baby Care System Project | 1 Baby Care System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php&social=remove&sid=2. | |||||
| CVE-2022-28427 | 1 Baby Care System Project | 1 Baby Care System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/inbox.php&action=read&msgid=. | |||||
| CVE-2022-28023 | 1 Purchase Order Management System Project | 1 Purchase Order Management System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchase_order/classes/Master.php?f=delete_supplier. | |||||
| CVE-2022-28429 | 1 Baby Care System Project | 1 Baby Care System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/inbox.php&action=delete&msgid=. | |||||
| CVE-2022-28432 | 1 Baby Care System Project | 1 Baby Care System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=display&value=0&sid=2. | |||||
| CVE-2022-28435 | 1 Baby Care System Project | 1 Baby Care System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php&action=displaygoal&value=1&roleid=1. | |||||
| CVE-2022-28434 | 1 Baby Care System Project | 1 Baby Care System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=edit&sid=2. | |||||
| CVE-2022-28433 | 1 Baby Care System Project | 1 Baby Care System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=display&value=Show&userid=. | |||||
| CVE-2022-28436 | 1 Baby Care System Project | 1 Baby Care System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=display&value=Hide&userid=. | |||||
| CVE-2022-28439 | 1 Baby Care System Project | 1 Baby Care System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&&action=delete&userid=4. | |||||
| CVE-2022-28438 | 1 Baby Care System Project | 1 Baby Care System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=type&userrole=User&userid=. | |||||
| CVE-2022-28415 | 1 Home Owners Collection Management System Project | 1 Home Owners Collection Management System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_collection. | |||||
| CVE-2022-28416 | 1 Home Owners Collection Management System Project | 1 Home Owners Collection Management System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_phase. | |||||
| CVE-2022-28414 | 1 Home Owners Collection Management System Project | 1 Home Owners Collection Management System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_member. | |||||
| CVE-2022-28413 | 1 Car Driving School Management System Project | 1 Car Driving School Management System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Car Driving School Management System v1.0 was discovered to contain a SQL injection vulnerability via /cdsms/classes/Master.php?f=delete_enrollment. | |||||
| CVE-2022-28412 | 1 Car Driving School Management System Project | 1 Car Driving School Management System | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Car Driving School Managment System v1.0 was discovered to contain a SQL injection vulnerability via /cdsms/classes/Master.php?f=delete_package. | |||||