Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-44414 | 1 Automotive Shop Management System Project | 1 Automotive Shop Management System | 2022-11-19 | N/A | 7.2 HIGH |
| Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/services/manage_service.php?id=. | |||||
| CVE-2022-44413 | 1 Automotive Shop Management System Project | 1 Automotive Shop Management System | 2022-11-19 | N/A | 7.2 HIGH |
| Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/mechanics/manage_mechanic.php?id=. | |||||
| CVE-2022-44820 | 1 Automotive Shop Management System Project | 1 Automotive Shop Management System | 2022-11-19 | N/A | 7.2 HIGH |
| Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/?page=transactions/manage_transaction&id=. | |||||
| CVE-2022-4015 | 1 Sports Club Management System Project | 1 Sports Club Management System | 2022-11-18 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in Sports Club Management System 119. This affects an unknown part of the file admin/make_payments.php. The manipulation of the argument m_id/plan leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213789 was assigned to this vulnerability. | |||||
| CVE-2022-43506 | 1 Deltaww | 1 Diaenergie | 2022-11-18 | N/A | 8.8 HIGH |
| SQL Injection in HandlerTag_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network | |||||
| CVE-2022-43447 | 1 Deltaww | 1 Diaenergie | 2022-11-18 | N/A | 8.8 HIGH |
| SQL Injection in AM_EBillAnalysis.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network | |||||
| CVE-2022-41775 | 1 Deltaww | 1 Diaenergie | 2022-11-18 | N/A | 8.8 HIGH |
| SQL Injection in Handler_CFG.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network | |||||
| CVE-2022-43457 | 1 Deltaww | 1 Diaenergie | 2022-11-18 | N/A | 8.8 HIGH |
| SQL Injection in HandlerPage_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network | |||||
| CVE-2022-43452 | 1 Deltaww | 1 Diaenergie | 2022-11-18 | N/A | 8.8 HIGH |
| SQL Injection in FtyInfoSetting.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network | |||||
| CVE-2022-39180 | 1 College Management System Project | 1 College Management System | 2022-11-18 | N/A | 9.8 CRITICAL |
| College Management System v1.0 - SQL Injection (SQLi). By inserting SQL commands to the username and password fields in the login.php page. | |||||
| CVE-2022-39179 | 1 College Management System Project | 1 College Management System | 2022-11-18 | N/A | 7.2 HIGH |
| College Management System v1.0 - Authenticated remote code execution. An admin user (the authentication can be bypassed using SQL Injection that mentioned in my other report) can upload .php file that contains malicious code via student.php file. | |||||
| CVE-2022-43179 | 1 Online Leave Management System Project | 1 Online Leave Management System | 2022-11-18 | N/A | 7.2 HIGH |
| Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /admin/?page=user/manage_user&id=. | |||||
| CVE-2022-43162 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-11-18 | N/A | 7.2 HIGH |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tests/view_test.php. | |||||
| CVE-2022-43163 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-11-18 | N/A | 7.2 HIGH |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /clients/view_client.php. | |||||
| CVE-2022-44403 | 1 Automotive Shop Management System Project | 1 Automotive Shop Management System | 2022-11-18 | N/A | 7.2 HIGH |
| Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/?page=user/manage_user&id=. | |||||
| CVE-2022-44402 | 1 Automotive Shop Management System Project | 1 Automotive Shop Management System | 2022-11-18 | N/A | 7.2 HIGH |
| Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_transaction. | |||||
| CVE-2022-4052 | 1 Student Attendance Management System Project | 1 Student Attendance Management System | 2022-11-18 | N/A | 7.2 HIGH |
| A vulnerability was found in Student Attendance Management System and classified as critical. This issue affects some unknown processing of the file /Admin/createClass.php. The manipulation of the argument Id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213845 was assigned to this vulnerability. | |||||
| CVE-2022-43135 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-11-17 | N/A | 9.8 CRITICAL |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at /diagnostic/login.php. | |||||
| CVE-2022-42245 | 1 Dreamer Cms Project | 1 Dreamer Cms | 2022-11-17 | N/A | 9.8 CRITICAL |
| Dreamer CMS 4.0.01 is vulnerable to SQL Injection. | |||||
| CVE-2021-38819 | 1 Simple Image Gallery Web App Project | 1 Simple Image Gallery Web App | 2022-11-17 | N/A | 8.8 HIGH |
| A SQL injection vulnerability exits on the Simple Image Gallery System 1.0 application through "id" parameter on the album page. | |||||