Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by CWE-89
Total 9311 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-29682 1 Chshcms 1 Cscms Music Portal System 2022-05-27 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/vod/admin/topic/del.
CVE-2022-29667 1 Chshcms 1 Cscms Music Portal System 2022-05-27 6.5 MEDIUM 8.8 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via /admin.php/pic/admin/pic/hy. This vulnerability is exploited via restoring deleted photos.
CVE-2022-29669 1 Chshcms 1 Cscms Music Portal System 2022-05-27 6.5 MEDIUM 8.8 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/lists/zhuan.
CVE-2022-29665 1 Chshcms 1 Cscms Music Portal System 2022-05-27 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/topic/save.
CVE-2022-29664 1 Chshcms 1 Cscms Music Portal System 2022-05-27 6.5 MEDIUM 8.8 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/pl_save.
CVE-2022-29666 1 Chshcms 1 Cscms Music Portal System 2022-05-27 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan.
CVE-2022-29663 1 Chshcms 1 Cscms Music Portal System 2022-05-27 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/hy.
CVE-2022-29661 1 Chshcms 1 Cscms Music Portal System 2022-05-27 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/save.
CVE-2022-29662 1 Chshcms 1 Cscms Music Portal System 2022-05-27 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/news/save.
CVE-2022-29660 1 Chshcms 1 Cscms Music Portal System 2022-05-27 7.5 HIGH 9.8 CRITICAL
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/pic/del.
CVE-2022-0781 1 Nirweb 1 Nirweb Support 2022-05-27 7.5 HIGH 9.8 CRITICAL
The Nirweb support WordPress plugin before 2.8.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action (available to unauthenticated users), leading to an SQL injection
CVE-2021-24125 1 Contact Form Submissions Project 1 Contact Form Submissions 2022-05-27 6.5 MEDIUM 7.2 HIGH
Unvalidated input in the Contact Form Submissions WordPress plugin before 1.7.1, could lead to SQL injection in the wpcf7_contact_form GET parameter when submitting a filter request as a high privilege user (admin+)
CVE-2022-26632 1 Multi-vendor Online Groceries Management System Project 1 Multi-vendor Online Groceries Management System 2022-05-26 7.5 HIGH 9.8 CRITICAL
Multi-Vendor Online Groceries Management System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /products/view_product.php.
CVE-2022-26633 1 Simple Student Quarterly Result\/grade System Project 1 Simple Student Quarterly Result\/grade System 2022-05-26 7.5 HIGH 9.8 CRITICAL
Simple Student Quarterly Result/Grade System v1.0 was discovered to contain a SQL injection vulnerability via /sqgs/Actions.php.
CVE-2022-28531 1 Covid-19 Directory On Vaccination System Project 1 Covid-19 Directory On Vaccination System 2022-05-26 7.5 HIGH 9.8 CRITICAL
Sourcecodester Covid-19 Directory on Vaccination System1.0 is vulnerable to SQL Injection via the admin/login.php txtusername (aka Username) field.
CVE-2022-30886 1 School Dormitory Management System Project 1 School Dormitory Management System 2022-05-26 7.5 HIGH 9.8 CRITICAL
School Dormitory Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /dms/admin/reports/daily_collection_report.php.
CVE-2022-30518 1 Chatbot Application With A Suggestion Feature Project 1 Chatbot Application With A Suggestion Feature 2022-05-26 7.5 HIGH 9.8 CRITICAL
ChatBot Application with a Suggestion Feature 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /simple_chat_bot/admin/responses/view_response.php.
CVE-2022-28105 1 Online Sports Complex Booking System Project 1 Online Sports Complex Booking System 2022-05-26 7.5 HIGH 9.8 CRITICAL
Online Sports Complex Booking System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /scbs/view_facility.php.
CVE-2022-29304 1 Online Sports Complex Booking System Project 1 Online Sports Complex Booking System 2022-05-26 6.5 MEDIUM 8.8 HIGH
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /classes/master.php?f=delete_ Facility.
CVE-2022-28962 1 Online Sports Complex Booking System Project 1 Online Sports Complex Booking System 2022-05-26 7.5 HIGH 9.8 CRITICAL
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=delete_client.