Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34953 | 1 Phptpoint | 1 Pharmacy Management System | 2022-08-04 | N/A | 9.8 CRITICAL |
| Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getOrderReport.php. | |||||
| CVE-2022-34952 | 1 Phptpoint | 1 Pharmacy Management System | 2022-08-04 | N/A | 9.8 CRITICAL |
| Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at edituser.php. | |||||
| CVE-2022-34951 | 1 Phptpoint | 1 Pharmacy Management System | 2022-08-04 | N/A | 9.8 CRITICAL |
| Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getsalereport.php. | |||||
| CVE-2022-34945 | 1 Pharmacy Management System Project | 1 Pharmacy Management System | 2022-08-04 | N/A | 9.8 CRITICAL |
| Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getproductreport.php. | |||||
| CVE-2022-34948 | 1 Pharmacy Management System Project | 1 Pharmacy Management System | 2022-08-04 | N/A | 9.8 CRITICAL |
| Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editbrand.php. | |||||
| CVE-2022-34947 | 1 Pharmacy Management System Project | 1 Pharmacy Management System | 2022-08-04 | N/A | 9.8 CRITICAL |
| Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editcategory.php. | |||||
| CVE-2022-34946 | 1 Pharmacy Management System Project | 1 Pharmacy Management System | 2022-08-04 | N/A | 9.8 CRITICAL |
| Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getexpproduct.php. | |||||
| CVE-2022-34949 | 1 Pharmacy Management System Project | 1 Pharmacy Management System | 2022-08-04 | N/A | 9.8 CRITICAL |
| Pharmacy Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the email or password parameter at login.php. | |||||
| CVE-2022-34950 | 1 Pharmacy Management System Project | 1 Pharmacy Management System | 2022-08-04 | N/A | 9.8 CRITICAL |
| Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editproduct.php. | |||||
| CVE-2022-34955 | 1 Pligg | 1 Pligg Cms | 2022-08-04 | N/A | 9.8 CRITICAL |
| Pligg CMS v2.0.2 was discovered to contain a time-based SQL injection vulnerability via the page_size parameter at load_data_for_topusers.php. | |||||
| CVE-2022-34956 | 1 Pligg | 1 Pligg Cms | 2022-08-04 | N/A | 9.8 CRITICAL |
| Pligg CMS v2.0.2 was discovered to contain a time-based SQL injection vulnerability via the page_size parameter at load_data_for_groups.php. | |||||
| CVE-2022-35421 | 1 Online Tours And Travels Management System Project | 1 Online Tours And Travels Management System | 2022-08-04 | N/A | 7.2 HIGH |
| Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the pname parameter at /admin/operations/packages.php. | |||||
| CVE-2022-35422 | 1 Web Based Quiz System Project | 1 Web Based Quiz System | 2022-08-04 | N/A | 9.8 CRITICAL |
| Web Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the qid parameter at update.php. | |||||
| CVE-2022-2577 | 1 Garage Management System Project | 1 Garage Management System | 2022-08-04 | N/A | 8.8 HIGH |
| A vulnerability classified as critical was found in SourceCodester Garage Management System 1.0. This vulnerability affects unknown code of the file /edituser.php. The manipulation of the argument id with the input -2'%20UNION%20select%2011,user(),333,444--+ leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-1277 | 1 Inavitas | 1 Solar Log | 2022-08-04 | N/A | 9.8 CRITICAL |
| Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability. | |||||
| CVE-2022-1950 | 1 Kainelabs | 1 Youzify | 2022-08-04 | N/A | 9.8 CRITICAL |
| The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection | |||||
| CVE-2022-34954 | 1 Phptpoint | 1 Pharmacy Management System | 2022-08-04 | N/A | 9.8 CRITICAL |
| Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at invoiceprint.php. | |||||
| CVE-2021-24750 | 1 Wp Visitor Statistics \(real Time Traffic\) Project | 1 Wp Visitor Statistics \(real Time Traffic\) | 2022-08-04 | 6.5 MEDIUM | 8.8 HIGH |
| The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly sanitise and escape the refUrl in the refDetails AJAX action, available to any authenticated user, which could allow users with a role as low as subscriber to perform SQL injection attacks | |||||
| CVE-2022-0410 | 1 Wp Visitor Statistics Project | 1 Wp Visitor Statistics | 2022-08-04 | 6.5 MEDIUM | 8.8 HIGH |
| The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.6 does not sanitise and escape the id parameter before using it in a SQL statement via the refUrlDetails AJAX action, available to any authenticated user, leading to a SQL injection | |||||
| CVE-2022-34557 | 1 Barangay Management System Project | 1 Barangay Management System | 2022-08-04 | N/A | 8.8 HIGH |
| Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /pages/permit/permit.php. | |||||