Vulnerabilities (CVE)

Filtered by CWE-89
Total 14524 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-40934 1 Online Pet Shop Web Application Project 1 Online Pet Shop Web Application 2024-11-21 N/A 7.2 HIGH
Online Pet Shop We App v1.0 is vulnerable to SQL injection via /pet_shop/classes/Master.php?f=delete_sub_category,id
CVE-2022-40933 1 Online Pet Shop Web Application Project 1 Online Pet Shop Web Application 2024-11-21 N/A 7.2 HIGH
Online Pet Shop We App v1.0 by oretnom23 is vulnerable to SQL injection via /pet_shop/classes/Master.php?f=delete_order,id.
CVE-2022-40928 1 Online Leave Management System Project 1 Online Leave Management System 2024-11-21 N/A 7.2 HIGH
Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_application.
CVE-2022-40927 1 Online Leave Management System Project 1 Online Leave Management System 2024-11-21 N/A 7.2 HIGH
Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_designation.
CVE-2022-40926 1 Online Leave Management System Project 1 Online Leave Management System 2024-11-21 N/A 7.2 HIGH
Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_leave_type.
CVE-2022-40887 1 Best Student Result Management System Project 1 Best Student Result Management System 2024-11-21 N/A 9.8 CRITICAL
SourceCodester Best Student Result Management System 1.0 is vulnerable to SQL Injection.
CVE-2022-40877 1 Exam Reviewer Management System Project 1 Exam Reviewer Management System 2024-11-21 N/A 9.8 CRITICAL
Exam Reviewer Management System 1.0 is vulnerable to SQL Injection via the ‘id’ parameter.
CVE-2022-40872 1 Simple E-learning System Project 1 Simple E-learning System 2024-11-21 N/A 9.8 CRITICAL
An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, classCode.
CVE-2022-40839 1 Ndk-design 1 Ndkadvancedcustomizationfields 2024-11-21 N/A 7.5 HIGH
A SQL injection vulnerability in the height and width parameter in NdkAdvancedCustomizationFields v3.5.0 allows unauthenticated attackers to exfiltrate database data.
CVE-2022-40835 1 Codeigniter 1 Codeigniter 2024-11-21 N/A 9.8 CRITICAL
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php. Note: Multiple third parties have disputed this as not a valid vulnerability
CVE-2022-40834 1 Codeigniter 1 Codeigniter 2024-11-21 N/A 9.8 CRITICAL
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_not_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVE-2022-40833 1 Codeigniter 1 Codeigniter 2024-11-21 N/A 9.8 CRITICAL
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVE-2022-40832 1 Codeigniter 1 Codeigniter 2024-11-21 N/A 9.8 CRITICAL
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php having() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVE-2022-40831 1 Codeigniter 1 Codeigniter 2024-11-21 N/A 9.8 CRITICAL
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php like() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVE-2022-40830 1 Codeigniter 1 Codeigniter 2024-11-21 N/A 9.8 CRITICAL
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_not_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVE-2022-40829 1 Codeigniter 1 Codeigniter 2024-11-21 N/A 9.8 CRITICAL
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVE-2022-40826 1 Codeigniter 1 Codeigniter 2024-11-21 N/A 9.8 CRITICAL
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_having() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVE-2022-40825 1 Codeigniter 1 Codeigniter 2024-11-21 N/A 9.8 CRITICAL
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVE-2022-40824 1 Codeigniter 1 Codeigniter 2024-11-21 N/A 9.8 CRITICAL
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVE-2022-40766 1 Moderncampus 1 Omni Cms 2024-11-21 N/A 9.8 CRITICAL
Modern Campus Omni CMS (formerly OU Campus) 10.2.4 allows login-page SQL injection via a '" OR 1 = 1 -- - , <?php' substring.