Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-40877 | 1 Exam Reviewer Management System Project | 1 Exam Reviewer Management System | 2022-09-28 | N/A | 9.8 CRITICAL |
| Exam Reviewer Management System 1.0 is vulnerable to SQL Injection via the ‘id’ parameter. | |||||
| CVE-2022-40354 | 1 Online Tours \& Travels Management System Project | 1 Online Tours \& Travels Management System | 2022-09-28 | N/A | 7.2 HIGH |
| Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_booking.php. | |||||
| CVE-2022-40353 | 1 Online Tours \& Travels Management System Project | 1 Online Tours \& Travels Management System | 2022-09-28 | N/A | 7.2 HIGH |
| Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/up_booking.php. | |||||
| CVE-2021-41433 | 1 Resumes Management And Job Application Website Application Project | 1 Resumes Management And Job Application Website Application | 2022-09-28 | N/A | 9.8 CRITICAL |
| SQL Injection vulnerability exists in version 1.0 of the Resumes Management and Job Application Website application login form by EGavilan Media that allows authentication bypass through login.php. | |||||
| CVE-2022-40043 | 1 Centreon | 1 Centreon | 2022-09-28 | N/A | 8.8 HIGH |
| Centreon v20.10.18 was discovered to contain a SQL injection vulnerability via the esc_name (Escalation Name) parameter at Configuration/Notifications/Escalations. | |||||
| CVE-2022-30004 | 1 Online Market Place Site Project | 1 Online Market Place Site | 2022-09-28 | N/A | 9.8 CRITICAL |
| Sourcecodester Online Market Place Site v1.0 suffers from an unauthenticated blind SQL Injection Vulnerability allowing remote attackers to dump the SQL database via time-based SQL injection.. | |||||
| CVE-2022-32211 | 1 Rocket.chat | 1 Rocket.chat | 2022-09-28 | N/A | 8.8 HIGH |
| A SQL injection vulnerability exists in Rocket.Chat <v3.18.6, <v4.4.4 and <v4.7.3 which can allow an attacker to retrieve a reset password token through or a 2fa secret. | |||||
| CVE-2022-40098 | 1 Online Tours \& Travels Management System Project | 1 Online Tours \& Travels Management System | 2022-09-27 | N/A | 7.2 HIGH |
| Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_expense.php. | |||||
| CVE-2022-40097 | 1 Online Tours And Travels Management System Project | 1 Online Tours And Travels Management System | 2022-09-27 | N/A | 7.2 HIGH |
| Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_currency.php. | |||||
| CVE-2022-40099 | 1 Online Tours \& Travels Management System Project | 1 Online Tours \& Travels Management System | 2022-09-27 | N/A | 7.2 HIGH |
| Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_expense_category.php. | |||||
| CVE-2022-40485 | 1 Wedding Planner Project | 1 Wedding Planner | 2022-09-27 | N/A | 9.8 CRITICAL |
| Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /package_detail.php. | |||||
| CVE-2022-40484 | 1 Wedding Planner Project | 1 Wedding Planner | 2022-09-27 | N/A | 9.8 CRITICAL |
| Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the booking parameter at /admin/client_edit.php. | |||||
| CVE-2022-40483 | 1 Wedding Planner Project | 1 Wedding Planner | 2022-09-27 | N/A | 9.8 CRITICAL |
| Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /wedding_details.php. | |||||
| CVE-2022-40927 | 1 Online Leave Management System Project | 1 Online Leave Management System | 2022-09-27 | N/A | 7.2 HIGH |
| Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_designation. | |||||
| CVE-2022-40928 | 1 Online Leave Management System Project | 1 Online Leave Management System | 2022-09-27 | N/A | 7.2 HIGH |
| Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_application. | |||||
| CVE-2022-40926 | 1 Online Leave Management System Project | 1 Online Leave Management System | 2022-09-27 | N/A | 7.2 HIGH |
| Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_leave_type. | |||||
| CVE-2022-31181 | 1 Prestashop | 1 Prestashop | 2022-09-27 | N/A | 9.8 CRITICAL |
| PrestaShop is an Open Source e-commerce platform. In versions from 1.6.0.10 and before 1.7.8.7 PrestaShop is subject to an SQL injection vulnerability which can be chained to call PHP's Eval function on attacker input. The problem is fixed in version 1.7.8.7. Users are advised to upgrade. Users unable to upgrade may delete the MySQL Smarty cache feature. | |||||
| CVE-2022-40402 | 1 Wedding Planner Project | 1 Wedding Planner | 2022-09-26 | N/A | 8.8 HIGH |
| Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the booking parameter at /admin/client_assign.php. | |||||
| CVE-2022-40404 | 1 Wedding Planner Project | 1 Wedding Planner | 2022-09-26 | N/A | 8.8 HIGH |
| Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/select.php. | |||||
| CVE-2022-40403 | 1 Wedding Planner Project | 1 Wedding Planner | 2022-09-26 | N/A | 7.2 HIGH |
| Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/feature_edit.php. | |||||