Vulnerabilities (CVE)

Filtered by CWE-89
Total 14524 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-40615 2 Ibm, Linux 2 Sterling Partner Engagement Manager, Linux Kernel 2024-11-21 N/A 6.3 MEDIUM
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 236208.
CVE-2022-40485 1 Wedding Planner Project 1 Wedding Planner 2024-11-21 N/A 9.8 CRITICAL
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /package_detail.php.
CVE-2022-40484 1 Wedding Planner Project 1 Wedding Planner 2024-11-21 N/A 9.8 CRITICAL
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the booking parameter at /admin/client_edit.php.
CVE-2022-40483 1 Wedding Planner Project 1 Wedding Planner 2024-11-21 N/A 9.8 CRITICAL
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /wedding_details.php.
CVE-2022-40447 1 Zzcms 1 Zzcms 2024-11-21 N/A 7.2 HIGH
ZZCMS 2022 was discovered to contain a SQL injection vulnerability via the keyword parameter at /admin/baojia_list.php.
CVE-2022-40446 1 Zzcms 1 Zzcms 2024-11-21 N/A 7.2 HIGH
ZZCMS 2022 was discovered to contain a SQL injection vulnerability via the component /admin/sendmailto.php?tomail=&groupid=.
CVE-2022-40405 1 Wowonder 1 Wowonder 2024-11-21 N/A 7.5 HIGH
WoWonder Social Network Platform v4.1.2 was discovered to contain a SQL injection vulnerability via the offset parameter at requests.php?f=load-my-blogs.
CVE-2022-40404 1 Wedding Planner Project 1 Wedding Planner 2024-11-21 N/A 8.8 HIGH
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/select.php.
CVE-2022-40403 1 Wedding Planner Project 1 Wedding Planner 2024-11-21 N/A 7.2 HIGH
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/feature_edit.php.
CVE-2022-40402 1 Wedding Planner Project 1 Wedding Planner 2024-11-21 N/A 8.8 HIGH
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the booking parameter at /admin/client_assign.php.
CVE-2022-40354 1 Online Tours \& Travels Management System Project 1 Online Tours \& Travels Management System 2024-11-21 N/A 7.2 HIGH
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_booking.php.
CVE-2022-40353 1 Online Tours \& Travels Management System Project 1 Online Tours \& Travels Management System 2024-11-21 N/A 7.2 HIGH
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/up_booking.php.
CVE-2022-40352 1 Online Tours \& Travels Management System Project 1 Online Tours \& Travels Management System 2024-11-21 N/A 7.2 HIGH
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_traveller.php.
CVE-2022-40315 2 Fedoraproject, Moodle 3 Extra Packages For Enterprise Linux, Fedora, Moodle 2024-11-21 N/A 9.8 CRITICAL
A limited SQL injection risk was identified in the "browse list of users" site administration page.
CVE-2022-40122 1 Online Banking System Project 1 Online Banking System 2024-11-21 N/A 9.8 CRITICAL
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/edit_customer_action.php.
CVE-2022-40121 1 Online Banking System Project 1 Online Banking System 2024-11-21 N/A 9.8 CRITICAL
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search parameter at /net-banking/manage_customers.php.
CVE-2022-40120 1 Online Banking System Project 1 Online Banking System 2024-11-21 N/A 9.8 CRITICAL
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search_term parameter at /net-banking/customer_transactions.php.
CVE-2022-40119 1 Online Banking System Project 1 Online Banking System 2024-11-21 N/A 9.8 CRITICAL
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search_term parameter at /net-banking/transactions.php.
CVE-2022-40118 1 Online Banking System Project 1 Online Banking System 2024-11-21 N/A 9.8 CRITICAL
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/send_funds_action.php.
CVE-2022-40117 1 Online Banking System Project 1 Online Banking System 2024-11-21 N/A 9.8 CRITICAL
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/delete_customer.php.