Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-38269 | 1 School Activity Updates With Sms Notification Project | 1 School Activity Updates With Sms Notification | 2022-09-15 | N/A | 7.2 HIGH |
| School Activity Updates with SMS Notification v1.0 was discovered to contain a SQL injection vulnerability via the component /modules/modstudent/index.php?view=edit&id=. | |||||
| CVE-2022-38268 | 1 School Activity Updates With Sms Notification Project | 1 School Activity Updates With Sms Notification | 2022-09-15 | N/A | 7.2 HIGH |
| School Activity Updates with SMS Notification v1.0 was discovered to contain a SQL injection vulnerability via the component /modules/autonumber/index.php?view=edit&id=. | |||||
| CVE-2022-38267 | 1 School Activity Updates With Sms Notification Project | 1 School Activity Updates With Sms Notification | 2022-09-15 | N/A | 7.2 HIGH |
| School Activity Updates with SMS Notification v1.0 was discovered to contain a SQL injection vulnerability via the component /modules/user/index.php?view=edit&id=. | |||||
| CVE-2022-38265 | 1 Apartment Visitor Management System Project | 1 Apartment Visitor Management System | 2022-09-15 | N/A | 7.2 HIGH |
| Apartment Visitor Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at /avms/edit-apartment.php. | |||||
| CVE-2022-38304 | 1 Online Leave Management System Project | 1 Online Leave Management System | 2022-09-14 | N/A | 7.2 HIGH |
| Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/manage_leave_type.php. | |||||
| CVE-2022-38303 | 1 Online Leave Management System Project | 1 Online Leave Management System | 2022-09-14 | N/A | 7.2 HIGH |
| Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /employees/manage_leave_type.php. | |||||
| CVE-2022-38302 | 1 Online Leave Management System Project | 1 Online Leave Management System | 2022-09-14 | N/A | 7.2 HIGH |
| Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/manage_department.php. | |||||
| CVE-2022-38606 | 1 Garage Management System Project | 1 Garage Management System | 2022-09-14 | N/A | 7.2 HIGH |
| Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /garage/editcategory.php. | |||||
| CVE-2022-38610 | 1 Garage Management System Project | 1 Garage Management System | 2022-09-14 | N/A | 7.2 HIGH |
| Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /garage/editclient.php. | |||||
| CVE-2022-38605 | 1 Church Management System Project | 1 Church Management System | 2022-09-14 | N/A | 7.2 HIGH |
| Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_event.php. | |||||
| CVE-2022-36258 | 1 Inventorymanagementsystem Project | 1 Inventorymanagementsystem | 2022-09-14 | N/A | 7.5 HIGH |
| A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "searchTxt". | |||||
| CVE-2022-36259 | 1 Inventorymanagementsystem Project | 1 Inventorymanagementsystem | 2022-09-14 | N/A | 7.5 HIGH |
| A SQL injection vulnerability in ConnectionFactory.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "username", "password", etc. | |||||
| CVE-2022-36257 | 1 Inventorymanagementsystem Project | 1 Inventorymanagementsystem | 2022-09-14 | N/A | 7.5 HIGH |
| A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "users", "pass", etc. | |||||
| CVE-2022-36256 | 1 Inventorymanagementsystem Project | 1 Inventorymanagementsystem | 2022-09-14 | N/A | 7.5 HIGH |
| A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "productcode". | |||||
| CVE-2022-36255 | 1 Inventorymanagementsystem Project | 1 Inventorymanagementsystem | 2022-09-14 | N/A | 7.5 HIGH |
| A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "searchTxt". | |||||
| CVE-2022-37794 | 1 Library Management System Project | 1 Library Management System | 2022-09-14 | N/A | 9.8 CRITICAL |
| In Library Management System 1.0 the /card/in-card.php file id_no parameters are vulnerable to SQL injection. | |||||
| CVE-2022-32456 | 1 Digiwin | 1 Business Process Management | 2022-09-14 | N/A | 9.8 CRITICAL |
| Digiwin BPM’s function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL command to access, modify, delete database or disrupt service. | |||||
| CVE-2022-38615 | 1 Bpcbt | 1 Smartvista Front-end | 2022-09-14 | N/A | 8.8 HIGH |
| SmartVista SVFE2 v2.2.22 was discovered to contain multiple SQL injection vulnerabilities via the UserForm:j_id88, UserForm:j_id90, and UserForm:j_id92 parameters at /SVFE2/pages/feegroups/service_group.jsf. | |||||
| CVE-2022-38284 | 1 Jflyfox | 1 Jfinal Cms | 2022-09-13 | N/A | 7.2 HIGH |
| JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/department/list. | |||||
| CVE-2022-38286 | 1 Jflyfox | 1 Jfinal Cms | 2022-09-13 | N/A | 7.2 HIGH |
| JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/role/list. | |||||