Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-27613 | 1 Synology | 1 Carddav Server | 2022-08-03 | N/A | 8.8 HIGH |
| Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in webapi component in Synology CardDAV Server before 6.0.10-0153 allows remote authenticated users to inject SQL commands via unspecified vectors. | |||||
| CVE-2022-36161 | 1 Garage Management System Project | 1 Garage Management System | 2022-08-02 | N/A | 9.8 CRITICAL |
| Orange Station 1.0 was discovered to contain a SQL injection vulnerability via the username parameter. | |||||
| CVE-2022-34989 | 1 Fruits Bazar Project | 1 Fruits Bazar | 2022-08-01 | N/A | 9.8 CRITICAL |
| Fruits Bazar v1.0 was discovered to contain a SQL injection vulnerability via the recover_email parameter at user_password_recover.php. | |||||
| CVE-2022-34067 | 1 Warehouse Management System Project | 1 Warehouse Management System | 2022-08-01 | N/A | 7.5 HIGH |
| Warehouse Management System v1.0 was discovered to contain a SQL injection vulnerability via the cari parameter. | |||||
| CVE-2022-31879 | 1 Online Fire Reporting System Project | 1 Online Fire Reporting System | 2022-08-01 | N/A | 8.8 HIGH |
| Online Fire Reporting System 1.0 is vulnerable to SQL Injection via the date parameter. | |||||
| CVE-2022-29709 | 1 Communilink | 1 Clink Office | 2022-07-30 | N/A | 7.5 HIGH |
| CommuniLink Internet Limited CLink Office v2.0 was discovered to contain multiple SQL injection vulnerabilities via the username and password parameters. | |||||
| CVE-2022-22389 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2, Linux Kernel, Windows and 1 more | 2022-07-29 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. IBM X-Force ID: 2219740. | |||||
| CVE-2017-20143 | 1 Ambit | 1 Movie Portal Script | 2022-07-29 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in Itech Movie Portal Script 7.36. This issue affects some unknown processing of the file /film-rating.php. The manipulation of the argument v leads to sql injection (Error). The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2017-20142 | 1 Ambit | 1 Movie Portal Script | 2022-07-29 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical was found in Itech Movie Portal Script 7.36. This vulnerability affects unknown code of the file /artist-display.php. The manipulation of the argument act leads to sql injection (Union). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2017-20141 | 1 Ambit | 1 Movie Portal Script | 2022-07-29 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in Itech Movie Portal Script 7.36. This affects an unknown part of the file /movie.php. The manipulation of the argument f leads to sql injection (Union). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-33965 | 1 Plugins-market | 1 Wp Visitor Statistics | 2022-07-29 | N/A | 9.8 CRITICAL |
| Multiple Unauthenticated SQL Injection (SQLi) vulnerabilities in Osamaesh WP Visitor Statistics plugin <= 5.7 at WordPress. | |||||
| CVE-2017-20139 | 1 Ambit | 1 Movie Portal Script | 2022-07-29 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Itech Movie Portal Script 7.36. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /show_news.php. The manipulation of the argument id with the input AND (SELECT 1222 FROM(SELECT COUNT(*),CONCAT(0x71786b7a71,(SELECT (ELT(1222=1222,1))),0x717a627871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) leads to sql injection (Error). The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-2142 | 1 Advantech | 1 Iview | 2022-07-28 | N/A | 5.9 MEDIUM |
| The affected product is vulnerable to a SQL injection with high attack complexity, which may allow an unauthorized attacker to disclose information. | |||||
| CVE-2022-2136 | 1 Advantech | 1 Iview | 2022-07-28 | N/A | 6.5 MEDIUM |
| The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information. | |||||
| CVE-2022-2135 | 1 Advantech | 1 Iview | 2022-07-28 | N/A | 7.5 HIGH |
| The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information. | |||||
| CVE-2022-2137 | 1 Advantech | 1 Iview | 2022-07-28 | N/A | 4.9 MEDIUM |
| The affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized attacker to disclose information | |||||
| CVE-2020-6120 | 1 Os4ed | 1 Opensis | 2022-07-28 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The fn parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-6121 | 1 Os4ed | 1 Opensis | 2022-07-28 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The ln parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-6119 | 1 Os4ed | 1 Opensis | 2022-07-28 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The byear parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-6122 | 1 Os4ed | 1 Opensis | 2022-07-28 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The mn parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||