Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45328 | 1 Church Management System Project | 1 Church Management System | 2022-12-01 | N/A | 7.2 HIGH |
| Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_members.php. | |||||
| CVE-2022-44399 | 1 Poultry Farm Management System Project | 1 Poultry Farm Management System | 2022-12-01 | N/A | 9.8 CRITICAL |
| Poultry Farm Management System v1.0 contains a SQL injection vulnerability via the del parameter at /Redcock-Farm/farm/category.php. | |||||
| CVE-2022-3751 | 1 Owncast Project | 1 Owncast | 2022-12-01 | N/A | 9.8 CRITICAL |
| SQL Injection in GitHub repository owncast/owncast prior to 0.0.13. | |||||
| CVE-2022-44151 | 1 Sanitization Management System Project | 1 Sanitization Management System | 2022-12-01 | N/A | 9.8 CRITICAL |
| Simple Inventory Management System v1.0 is vulnerable to SQL Injection via /ims/login.php. | |||||
| CVE-2022-44295 | 1 Sanitization Management System Project | 1 Sanitization Management System | 2022-11-30 | N/A | 7.2 HIGH |
| Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/orders/assign_team.php?id=. | |||||
| CVE-2022-44294 | 1 Sanitization Management System Project | 1 Sanitization Management System | 2022-11-30 | N/A | 7.2 HIGH |
| Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=services/manage_service&id=. | |||||
| CVE-2022-44296 | 1 Sanitization Management System Project | 1 Sanitization Management System | 2022-11-30 | N/A | 7.2 HIGH |
| Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/quotes/manage_remark.php?id=. | |||||
| CVE-2022-45930 | 1 Linuxfoundation | 1 Opendaylight | 2022-11-30 | N/A | 7.5 HIGH |
| A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/DomainStore.java deleteDomain function is affected for the /auth/v1/domains/ API interface. | |||||
| CVE-2022-45931 | 1 Linuxfoundation | 1 Opendaylight | 2022-11-30 | N/A | 7.5 HIGH |
| A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/UserStore.java deleteUser function is affected when the API interface /auth/v1/users/ is used. | |||||
| CVE-2022-45932 | 1 Linuxfoundation | 1 Opendaylight | 2022-11-30 | N/A | 7.5 HIGH |
| A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/RoleStore.java deleteRole function is affected when the API interface /auth/v1/roles/ is used. | |||||
| CVE-2022-39066 | 1 Zte | 2 Mf286r, Mf286r Firmware | 2022-11-30 | N/A | 8.8 HIGH |
| There is a SQL injection vulnerability in ZTE MF286R. Due to insufficient validation of the input parameters of the phonebook interface, an authenticated attacker could use the vulnerability to execute arbitrary SQL injection. | |||||
| CVE-2022-42109 | 1 Online-shopping-system-advanced Project | 1 Online-shopping-system-advanced | 2022-11-29 | N/A | 9.8 CRITICAL |
| Online-shopping-system-advanced 1.0 was discovered to contain a SQL injection vulnerability via the p parameter at /shopping/product.php. | |||||
| CVE-2022-45329 | 1 Aerocms Project | 1 Aerocms | 2022-11-29 | N/A | 7.5 HIGH |
| AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Search parameter. This vulnerability allows attackers to access database information. | |||||
| CVE-2022-3689 | 1 Ibericode | 1 Html Forms | 2022-11-29 | N/A | 7.2 HIGH |
| The HTML Forms WordPress plugin before 1.3.25 does not properly properly escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users | |||||
| CVE-2022-31325 | 1 Churchcrm | 1 Churchcrm | 2022-11-29 | 6.5 MEDIUM | 7.2 HIGH |
| There is a SQL Injection vulnerability in ChurchCRM 4.4.5 via the 'PersonID' field in /churchcrm/WhyCameEditor.php. | |||||
| CVE-2021-43035 | 1 Kaseya | 1 Unitrends Backup | 2022-11-28 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Two unauthenticated SQL injection vulnerabilities were discovered, allowing arbitrary SQL queries to be injected and executed under the postgres superuser account. Remote code execution was possible, leading to full access to the postgres user account. | |||||
| CVE-2022-4088 | 1 Stock Management System Project | 1 Stock Management System | 2022-11-28 | N/A | 9.8 CRITICAL |
| A vulnerability was found in rickxy Stock Management System and classified as critical. Affected by this issue is some unknown functionality of the file /pages/processlogin.php. The manipulation of the argument user/password leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-214322 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-44860 | 1 Automotive Shop Management System Project | 1 Automotive Shop Management System | 2022-11-28 | N/A | 7.2 HIGH |
| Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/transactions/update_status.php. | |||||
| CVE-2022-44858 | 1 Automotive Shop Management System Project | 1 Automotive Shop Management System | 2022-11-28 | N/A | 7.2 HIGH |
| Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /asms/products/view_product.php. | |||||
| CVE-2022-44859 | 1 Automotive Shop Management System Project | 1 Automotive Shop Management System | 2022-11-28 | N/A | 7.2 HIGH |
| Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /asms/admin/products/manage_product.php. | |||||