Total: 9311 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-27161 | 1 Cszcms | 1 Csz Cms | 2022-04-18 | 7.5 HIGH | 9.8 CRITICAL |
Csz Cms 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Members_viewUsers | |||||
CVE-2022-27163 | 1 Cszcms | 1 Csz Cms | 2022-04-18 | 7.5 HIGH | 9.8 CRITICAL |
CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Users_editUser | |||||
CVE-2022-27162 | 1 Cszcms | 1 Csz Cms | 2022-04-18 | 7.5 HIGH | 9.8 CRITICAL |
CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Members_editUser | |||||
CVE-2022-27165 | 1 Cszcms | 1 Csz Cms | 2022-04-18 | 7.5 HIGH | 9.8 CRITICAL |
CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Plugin_manager_setstatus | |||||
CVE-2022-27164 | 1 Cszcms | 1 Csz Cms | 2022-04-18 | 7.5 HIGH | 9.8 CRITICAL |
CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Users_viewUsers | |||||
CVE-2021-37291 | 1 Kevinlab | 1 4st L-bems | 2022-04-15 | 7.5 HIGH | 9.8 CRITICAL |
An SQL Injection vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 via the input_id POST parameter in index.php. | |||||
CVE-2022-27126 | 1 Zbzcms | 1 Zbzcms | 2022-04-15 | 7.5 HIGH | 9.8 CRITICAL |
zbzcms v1.0 was discovered to contain a SQL injection vulnerability via the art parameter at /include/make.php. | |||||
CVE-2022-27127 | 1 Zbzcms | 1 Zbzcms | 2022-04-15 | 6.4 MEDIUM | 6.5 MEDIUM |
zbzcms v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php/ajax.php. | |||||
CVE-2022-1023 | 1 Secondlinethemes | 1 Podcast Importer Secondline | 2022-04-14 | 6.5 MEDIUM | 7.2 HIGH |
The Podcast Importer SecondLine WordPress plugin before 1.3.8 does not sanitise and properly escape some imported data, which could allow SQL injection attacks to be performed by importing a malicious podcast file | |||||
CVE-2022-0949 | 1 Stopbadbots | 1 Block And Stop Bad Bots | 2022-04-14 | 7.5 HIGH | 9.8 CRITICAL |
The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin before 6.930 does not properly sanitise and escape the fingerprint parameter before using it in a SQL statement via the stopbadbots_grava_fingerprint AJAX action, available to unauthenticated users, leading to a SQL injection | |||||
CVE-2022-27041 | 1 Os4ed | 1 Opensis | 2022-04-14 | 5.0 MEDIUM | 7.5 HIGH |
Due to lack of protection, parameter student_id in OpenSIS Classic 8.0 /modules/eligibility/Student.php can be used to inject SQL queries to extract information from databases. | |||||
CVE-2022-1006 | 1 Elbtide | 1 Advanced Booking Calendar | 2022-04-14 | 6.5 MEDIUM | 7.2 HIGH |
The Advanced Booking Calendar WordPress plugin before 1.7.1 does not sanitise and escape the id parameter when editing Calendars, which could allow high privilege users such as admin to perform SQL injection attacks | |||||
CVE-2022-27992 | 1 Zoo Management System Project | 1 Zoo Management System | 2022-04-14 | 6.5 MEDIUM | 8.8 HIGH |
Zoo Management System v1.0 was discovered to contain a SQL injection vulnerability at /public_html/animals via the class_id parameter. | |||||
CVE-2022-27991 | 1 Online Banking System Project | 1 Online Banking System | 2022-04-14 | 4.0 MEDIUM | 6.5 MEDIUM |
Online Banking System in PHP v1 was discovered to contain multiple SQL injection vulnerabilities at /staff_login.php via the Staff ID and Staff Password parameters. | |||||
CVE-2022-23972 | 1 Asus | 2 Rt-ax56u, Rt-ax56u Firmware | 2022-04-14 | 5.8 MEDIUM | 8.8 HIGH |
ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user input validation. An unauthenticated LAN attacker can inject arbitrary SQL code to read, modify and delete the database. | |||||
CVE-2022-28001 | 1 Movie Seat Reservation Project | 1 Movie Seat Reservation | 2022-04-14 | 7.5 HIGH | 9.8 CRITICAL |
Movie Seat Reservation v1 was discovered to contain a SQL injection vulnerability at /index.php?page=reserve via the id parameter. | |||||
CVE-2022-1219 | 1 Pimcore | 1 Pimcore | 2022-04-13 | 5.0 MEDIUM | 7.5 HIGH |
SQL injection in RecyclebinController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of stealing the data | |||||
CVE-2021-46436 | 1 Zzcms | 1 Zzcms | 2022-04-13 | 6.8 MEDIUM | 7.2 HIGH |
An issue was discovered in ZZCMS 2021. There is a SQL injection vulnerability in ad_manage.php. | |||||
CVE-2022-28000 | 1 Car Rental System Project | 1 Car Rental System | 2022-04-13 | 6.5 MEDIUM | 8.8 HIGH |
Car Rental System v1.0 was discovered to contain a SQL injection vulnerability at /Car_Rental/booking.php via the id parameter. | |||||
CVE-2022-26613 | 1 Php-cms Project | 1 Php-cms | 2022-04-13 | 7.5 HIGH | 9.8 CRITICAL |
PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability via the category parameter in categorymenu.php. |