Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-40615 | 2 Ibm, Linux | 2 Sterling Partner Engagement Manager, Linux Kernel | 2023-01-18 | N/A | 9.8 CRITICAL |
| IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 236208. | |||||
| CVE-2015-10037 | 1 Aci Escola Project | 1 Aci Escola | 2023-01-18 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in ACI_Escola. This affects an unknown part. The manipulation leads to sql injection. The name of the patch is 34eed1f7b9295d1424912f79989d8aba5de41e9f. It is recommended to apply a patch to fix this issue. The identifier VDB-217965 was assigned to this vulnerability. | |||||
| CVE-2015-10036 | 1 Dronfelipe Project | 1 Dronfelipe | 2023-01-18 | N/A | 9.8 CRITICAL |
| A vulnerability was found in kylebebak dronfelipe. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The name of the patch is 87405b74fe651892d79d0dff62ed17a7eaef6a60. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217951. | |||||
| CVE-2022-45165 | 1 Archibus | 1 Web Central | 2023-01-18 | N/A | 8.8 HIGH |
| An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application accepts a user-controlled parameter that is used to create an SQL query. It causes this service to be prone to SQL injection. | |||||
| CVE-2014-125073 | 1 Voteapp Project | 1 Voteapp | 2023-01-14 | N/A | 9.8 CRITICAL |
| A vulnerability was found in mapoor voteapp. It has been rated as critical. Affected by this issue is the function create_poll/do_poll/show_poll/show_refresh of the file app.py. The manipulation leads to sql injection. The name of the patch is b290c21a0d8bcdbd55db860afd3cadec97388e72. It is recommended to apply a patch to fix this issue. VDB-217790 is the identifier assigned to this vulnerability. | |||||
| CVE-2015-10035 | 1 Angular-test-reporter Project | 1 Angular-test-reporter | 2023-01-13 | N/A | 9.8 CRITICAL |
| A vulnerability was found in gperson angular-test-reporter and classified as critical. This issue affects the function getProjectTables/addTest of the file rest-server/data-server.js. The manipulation leads to sql injection. The name of the patch is a29d8ae121b46ebfa96a55a9106466ab2ef166ae. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217715. | |||||
| CVE-2015-10034 | 1 Workout-organizer Project | 1 Workout-organizer | 2023-01-13 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in j-nowak workout-organizer and classified as critical. This vulnerability affects unknown code. The manipulation leads to sql injection. The name of the patch is 13cd6c3d1210640bfdb39872b2bb3597aa991279. It is recommended to apply a patch to fix this issue. VDB-217714 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-47862 | 1 Lead Management System Project | 1 Lead Management System | 2023-01-13 | N/A | 9.8 CRITICAL |
| Lead Management System v1.0 is vulnerable to SQL Injection via the customer_id parameter in ajax_represent.php. | |||||
| CVE-2022-47861 | 1 Lead Management System Project | 1 Lead Management System | 2023-01-13 | N/A | 9.8 CRITICAL |
| Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeLead.php. | |||||
| CVE-2022-47864 | 1 Lead Management System Project | 1 Lead Management System | 2023-01-13 | N/A | 9.8 CRITICAL |
| Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeCategories.php. | |||||
| CVE-2022-47860 | 1 Lead Management System Project | 1 Lead Management System | 2023-01-13 | N/A | 9.8 CRITICAL |
| Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeProduct.php. | |||||
| CVE-2022-47866 | 1 Lead Management System Project | 1 Lead Management System | 2023-01-13 | N/A | 9.8 CRITICAL |
| Lead management system v1.0 is vulnerable to SQL Injection via the id parameter in removeBrand.php. | |||||
| CVE-2022-47859 | 1 Lead Management System Project | 1 Lead Management System | 2023-01-13 | N/A | 9.8 CRITICAL |
| Lead Management System v1.0 is vulnerable to SQL Injection via the user_id parameter in changePassword.php. | |||||
| CVE-2022-47865 | 1 Lead Management System Project | 1 Lead Management System | 2023-01-13 | N/A | 9.8 CRITICAL |
| Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeOrder.php. | |||||
| CVE-2014-125072 | 1 Klattr Project | 1 Klattr | 2023-01-12 | N/A | 7.8 HIGH |
| A vulnerability classified as critical has been found in CherishSin klattr. This affects an unknown part. The manipulation leads to sql injection. The name of the patch is f8e4ecfbb83aef577011b0b4aebe96fb6ec557f1. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217719. | |||||
| CVE-2016-15016 | 1 Joomla Mod Einsatz Stats Project | 1 Joomla Mod Einsatz Stats | 2023-01-12 | N/A | 9.8 CRITICAL |
| A vulnerability was found in mrtnmtth joomla_mod_einsatz_stats up to 0.2. It has been classified as critical. This affects the function getStatsByType of the file helper.php. The manipulation of the argument year leads to sql injection. Upgrading to version 0.3 is able to address this issue. The name of the patch is 27c1b443cff45c81d9d7d926a74c76f8b6ffc6cb. It is recommended to upgrade the affected component. The identifier VDB-217653 was assigned to this vulnerability. | |||||
| CVE-2015-10031 | 1 Github | 1 491-project | 2023-01-12 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical was found in purpleparrots 491-Project. This vulnerability affects unknown code of the file update.php of the component Highscore Handler. The manipulation leads to sql injection. The name of the patch is a812a5e4cf72f2a635a716086fe1ee2b8fa0b1ab. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217648. | |||||
| CVE-2022-47790 | 1 Dynamic Transaction Queuing System Project | 1 Dynamic Transaction Queuing System | 2023-01-12 | N/A | 9.8 CRITICAL |
| Sourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL Injection via /queuing/index.php?page=display&id=. | |||||
| CVE-2016-15013 | 1 Forumhulp | 1 Search Results | 2023-01-12 | N/A | 9.8 CRITICAL |
| A vulnerability was found in ForumHulp searchresults. It has been rated as critical. Affected by this issue is the function list_keywords of the file event/listener.php. The manipulation of the argument word leads to sql injection. The name of the patch is dd8a312bb285ad9735a8e1da58e9e955837b7322. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217628. | |||||
| CVE-2014-125063 | 1 Bid Project | 1 Bid | 2023-01-12 | N/A | 9.8 CRITICAL |
| A vulnerability was found in ada-l0velace Bid and classified as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The name of the patch is abd71140b8219fa8741d0d8a57ab27d5bfd34222. It is recommended to apply a patch to fix this issue. The identifier VDB-217625 was assigned to this vulnerability. | |||||