Total
9311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-40956 | 1 Laiketui | 1 Laiketui | 2022-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| LaiKetui v3.5.0 has SQL injection in the background through the menu management function, and sensitive data can be obtained. | |||||
| CVE-2022-31787 | 1 Ideaco | 1 Ideatms | 2022-06-29 | 7.5 HIGH | 9.8 CRITICAL |
| IdeaTMS 2022 is vulnerable to SQL Injection via the PATH_INFO | |||||
| CVE-2021-26636 | 2 Linux, Maxb | 2 Linux Kernel, Maxboard | 2022-06-29 | 6.8 MEDIUM | 9.6 CRITICAL |
| Stored XSS and SQL injection vulnerability in MaxBoard could lead to occur Remote Code Execution, which could lead to information exposure and privilege escalation. | |||||
| CVE-2021-40955 | 1 Laiketui | 1 Laiketui | 2022-06-29 | 6.5 MEDIUM | 7.2 HIGH |
| SQL injection exists in LaiKetui v3.5.0 the background administrator list. | |||||
| CVE-2022-33114 | 1 Jflyfox | 1 Jfinal Cms | 2022-06-29 | 6.5 MEDIUM | 7.2 HIGH |
| Jfinal CMS v5.1.0 was discovered to contain a SQL injection vulnerability via the attrVal parameter at /jfinal_cms/system/dict/list. | |||||
| CVE-2022-33097 | 1 74cms | 1 74cmsse | 2022-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/campus/campus_job. | |||||
| CVE-2022-33096 | 1 74cms | 1 74cmsse | 2022-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/resume/index. | |||||
| CVE-2022-33095 | 1 74cms | 1 74cmsse | 2022-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist. | |||||
| CVE-2022-33093 | 1 74cms | 1 74cmsse | 2022-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the key parameter at /freelance/resume_list. | |||||
| CVE-2022-33094 | 1 74cms | 1 74cmsse | 2022-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/map. | |||||
| CVE-2022-33092 | 1 74cms | 1 74cmsse | 2022-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/index. | |||||
| CVE-2022-33048 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2022-06-28 | 6.5 MEDIUM | 7.2 HIGH |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/reservations/view_details.php. | |||||
| CVE-2022-33049 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2022-06-28 | 6.5 MEDIUM | 7.2 HIGH |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/?page=user/manage_user. | |||||
| CVE-2017-20067 | 1 Hindu Matrimonial Script Project | 1 Hindu Matrimonial Script | 2022-06-28 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability was found in Hindu Matrimonial Script. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-33056 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2022-06-28 | 6.5 MEDIUM | 7.2 HIGH |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/schedules/manage_schedule.php. | |||||
| CVE-2022-33055 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2022-06-28 | 6.5 MEDIUM | 7.2 HIGH |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/trains/manage_train.php. | |||||
| CVE-2022-1905 | 1 E-dynamics | 1 Events Made Easy | 2022-06-28 | 7.5 HIGH | 9.8 CRITICAL |
| The Events Made Easy WordPress plugin before 2.2.81 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection | |||||
| CVE-2019-12359 | 1 Zzcms | 1 Zzcms | 2022-06-28 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/ztliuyan_sendmail.php (when the attacker has admin authority) via the id parameter. | |||||
| CVE-2019-12358 | 1 Zzcms | 1 Zzcms | 2022-06-28 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendsms.php (when the attacker has dls_print authority) via a dlid cookie. | |||||
| CVE-2019-12357 | 1 Zzcms | 1 Zzcms | 2022-06-28 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/deluser.php (when the attacker has admin authority) via the id parameter. | |||||