Total
14524 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-40116 | 1 Online Banking System Project | 1 Online Banking System | 2024-11-21 | N/A | 9.8 CRITICAL |
| Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search parameter at /net-banking/beneficiary.php. | |||||
| CVE-2022-40115 | 1 Online Banking System Project | 1 Online Banking System | 2024-11-21 | N/A | 9.8 CRITICAL |
| Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/delete_beneficiary.php. | |||||
| CVE-2022-40114 | 1 Online Banking System Project | 1 Online Banking System | 2024-11-21 | N/A | 9.8 CRITICAL |
| Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/edit_customer.php. | |||||
| CVE-2022-40113 | 1 Online Banking System Project | 1 Online Banking System | 2024-11-21 | N/A | 9.8 CRITICAL |
| Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/send_funds.php. | |||||
| CVE-2022-40099 | 1 Online Tours \& Travels Management System Project | 1 Online Tours \& Travels Management System | 2024-11-21 | N/A | 7.2 HIGH |
| Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_expense_category.php. | |||||
| CVE-2022-40098 | 1 Online Tours \& Travels Management System Project | 1 Online Tours \& Travels Management System | 2024-11-21 | N/A | 7.2 HIGH |
| Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_expense.php. | |||||
| CVE-2022-40097 | 1 Online Tours And Travels Management System Project | 1 Online Tours And Travels Management System | 2024-11-21 | N/A | 7.2 HIGH |
| Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_currency.php. | |||||
| CVE-2022-40093 | 1 Online Tours And Travels Management System Project | 1 Online Tours And Travels Management System | 2024-11-21 | N/A | 7.2 HIGH |
| Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_tax.php. | |||||
| CVE-2022-40092 | 1 Online Tours And Travels Management System Project | 1 Online Tours And Travels Management System | 2024-11-21 | N/A | 7.2 HIGH |
| Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_payment.php. | |||||
| CVE-2022-40091 | 1 Online Tours And Travels Management System Project | 1 Online Tours And Travels Management System | 2024-11-21 | N/A | 7.2 HIGH |
| Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/update_packages.php. | |||||
| CVE-2022-40043 | 1 Centreon | 1 Centreon | 2024-11-21 | N/A | 8.8 HIGH |
| Centreon v20.10.18 was discovered to contain a SQL injection vulnerability via the esc_name (Escalation Name) parameter at Configuration/Notifications/Escalations. | |||||
| CVE-2022-40030 | 1 Simple Task Managing System Project | 1 Simple Task Managing System | 2024-11-21 | N/A | 9.8 CRITICAL |
| SourceCodester Simple Task Managing System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at changeStatus.php. | |||||
| CVE-2022-40026 | 1 Simple Task Managing System Project | 1 Simple Task Managing System | 2024-11-21 | N/A | 7.2 HIGH |
| SourceCodester Simple Task Managing System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at board.php. | |||||
| CVE-2022-3956 | 1 Hhims Project | 1 Hhims | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability classified as critical has been found in tsruban HHIMS 2.1. Affected is an unknown function of the component Patient Portrait Handler. The manipulation of the argument PID leads to sql injection. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. VDB-213462 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-3955 | 1 Crm42 Project | 1 Crm42 | 2024-11-21 | N/A | 7.3 HIGH |
| A vulnerability was found in tholum crm42. It has been rated as critical. This issue affects some unknown processing of the file crm42\class\class.user.php of the component Login. The manipulation of the argument user_name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213461 was assigned to this vulnerability. | |||||
| CVE-2022-3948 | 1 Eolink | 1 Goku Lite | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability classified as critical was found in eolinker goku_lite. This vulnerability affects unknown code of the file /plugin/getList. The manipulation of the argument route/keyword leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-213454 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-3947 | 1 Eolink | 1 Goku Lite | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability classified as critical has been found in eolinker goku_lite. This affects an unknown part of the file /balance/service/list. The manipulation of the argument route/keyword leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213453 was assigned to this vulnerability. | |||||
| CVE-2022-3878 | 1 Maxonerp | 1 Maxon | 2024-11-21 | N/A | 7.3 HIGH |
| A vulnerability classified as critical has been found in Maxon ERP. This affects an unknown part of the file /index.php/purchase_order/browse_data. The manipulation of the argument tb_search leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-213039. | |||||
| CVE-2022-3802 | 1 Ibax | 1 Go-ibax | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability has been found in IBAX go-ibax and classified as critical. This vulnerability affects unknown code of the file /api/v2/open/rowsInfo. The manipulation of the argument where leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-212638 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-3801 | 1 Ibax | 1 Go-ibax | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability, which was classified as critical, was found in IBAX go-ibax. This affects an unknown part of the file /api/v2/open/rowsInfo. The manipulation of the argument order leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-212637 was assigned to this vulnerability. | |||||