Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-37185 | 1 Ems Project | 1 Ems | 2022-09-09 | N/A | 7.5 HIGH |
| SQL injection vulnerability exists in the school information query interface (repschoolproj.php) of the EMS 6.2 system of the Office of the Thai Basic Education Commission, which can lead to data leakage. | |||||
| CVE-2022-29058 | 1 Fortinet | 4 Fortiap, Fortiap-s, Fortiap-u and 1 more | 2022-09-09 | N/A | 7.8 HIGH |
| An improper neutralization of special elements [CWE-89] used in an OS command vulnerability [CWE-78] in the command line interpreter of FortiAP 6.0.0 through 6.4.7, 7.0.0 through 7.0.3, 7.2.0, FortiAP-S 6.0.0 through 6.4.7, FortiAP-W2 6.0.0 through 6.4.7, 7.0.0 through 7.0.3, 7.2.0 and FortiAP-U 5.4.0 through 6.2.3 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands. | |||||
| CVE-2022-38250 | 1 Nagios | 1 Nagios Xi | 2022-09-09 | N/A | 9.8 CRITICAL |
| Nagios XI v5.8.6 was discovered to contain a SQL injection vulnerability via the mib_name parameter at the Manage MIBs page. | |||||
| CVE-2022-38255 | 1 Interview Management System Project | 1 Interview Management System | 2022-09-09 | N/A | 7.2 HIGH |
| Interview Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /interview/editQuestion.php. | |||||
| CVE-2022-38260 | 1 Interview Management System Project | 1 Interview Management System | 2022-09-09 | N/A | 7.2 HIGH |
| Interview Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /interview/delete.php?action=questiondelete&id=. | |||||
| CVE-2022-3118 | 1 Erp System Project Project | 1 Erp System Project | 2022-09-09 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Sourcecodehero ERP System Project. It has been rated as critical. This issue affects some unknown processing of the file /pages/processlogin.php. The manipulation of the argument user leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-207845 was assigned to this vulnerability. | |||||
| CVE-2022-36759 | 1 Online Food Ordering System Project | 1 Online Food Ordering System | 2022-09-07 | N/A | 9.8 CRITICAL |
| Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the component /dishes.php?res_id=. | |||||
| CVE-2022-38812 | 1 Aerocms Project | 1 Aerocms | 2022-09-07 | N/A | 6.5 MEDIUM |
| AeroCMS 0.1.1 is vulnerable to SQL Injection via the author parameter. | |||||
| CVE-2022-3120 | 2022-09-05 | N/A | N/A | ||
| A vulnerability classified as critical was found in SourceCodester Clinics Patient Management System. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument user_name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-207847. | |||||
| CVE-2022-36581 | 1 Online Ordering System Project | 1 Online Ordering System | 2022-09-02 | N/A | 7.5 HIGH |
| Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via the user_email parameter at /admin/login.php. | |||||
| CVE-2022-36636 | 1 Garage Management System Project | 1 Garage Management System | 2022-09-02 | N/A | 8.8 HIGH |
| Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /print.php. | |||||
| CVE-2022-36609 | 1 Clinic\'s Patient Management System Project | 1 Clinic\'s Patient Management System | 2022-09-02 | N/A | 9.8 CRITICAL |
| Clinic's Patient Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pms/update_patient.php. | |||||
| CVE-2022-36594 | 1 Mybatis | 1 Mapper | 2022-09-02 | N/A | 9.8 CRITICAL |
| Mapper v4.0.0 to v4.2.0 was discovered to contain a SQL injection vulnerability via the ids parameter at the selectByIds function. | |||||
| CVE-2022-36676 | 1 Simple Task Scheduling System Project | 1 Simple Task Scheduling System | 2022-09-02 | N/A | 7.2 HIGH |
| Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/view_category.php. | |||||
| CVE-2022-36675 | 1 Simple Task Scheduling System Project | 1 Simple Task Scheduling System | 2022-09-02 | N/A | 7.2 HIGH |
| Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /schedules/manage_schedule.php. | |||||
| CVE-2022-36674 | 1 Simple Task Scheduling System Project | 1 Simple Task Scheduling System | 2022-09-02 | N/A | 7.2 HIGH |
| Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /schedules/view_schedule.php. | |||||
| CVE-2020-35846 | 1 Agentejo | 1 Cockpit | 2022-09-02 | 7.5 HIGH | 9.8 CRITICAL |
| Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function. | |||||
| CVE-2022-36704 | 1 Library Management System Project | 1 Library Management System | 2022-09-01 | N/A | 8.8 HIGH |
| Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Id parameter at /librarian/studentdetails.php. | |||||
| CVE-2022-36705 | 1 Ingredients Stock Management System Project | 1 Ingredients Stock Management System | 2022-09-01 | N/A | 9.8 CRITICAL |
| Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the Id parameter at /stocks/manage_waste.php. | |||||
| CVE-2022-36708 | 1 Library Management System Project | 1 Library Management System | 2022-09-01 | N/A | 9.8 CRITICAL |
| Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Id parameter at /student/bookdetails.php. | |||||