Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-89
Total 14524 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-35599 1 Inventorymanagementsystem Project 1 Inventorymanagementsystem 2024-11-21 N/A 9.8 CRITICAL
A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter productcode.
CVE-2022-35598 1 Inventorymanagementsystem Project 1 Inventorymanagementsystem 2024-11-21 N/A 9.8 CRITICAL
A SQL injection vulnerability in ConnectionFactoryDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter username.
CVE-2022-35422 1 Web Based Quiz System Project 1 Web Based Quiz System 2024-11-21 N/A 9.8 CRITICAL
Web Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the qid parameter at update.php.
CVE-2022-35421 1 Online Tours And Travels Management System Project 1 Online Tours And Travels Management System 2024-11-21 N/A 7.2 HIGH
Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the pname parameter at /admin/operations/packages.php.
CVE-2022-35193 1 Testlink 1 Testlink 2024-11-21 N/A 7.2 HIGH
TestLink v1.9.20 was discovered to contain a SQL injection vulnerability via /lib/execute/execNavigator.php.
CVE-2022-35175 1 Barangay Management System Project 1 Barangay Management System 2024-11-21 N/A 9.8 CRITICAL
Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /blotter/blotter.php.
CVE-2022-35156 1 Phpgurukul 1 Bus Pass Management System 2024-11-21 N/A 9.8 CRITICAL
Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at /buspassms/download-pass.php..
CVE-2022-35154 1 Shopro 1 Mall System 2024-11-21 N/A 9.8 CRITICAL
Shopro Mall System v1.3.8 was discovered to contain a SQL injection vulnerability via the value parameter.
CVE-2022-35148 1 Maccms 1 Maccms 2024-11-21 N/A 6.5 MEDIUM
maccms10 v2021.1000.1081 to v2022.1000.3031 was discovered to contain a SQL injection vulnerability via the table parameter at database/columns.html.
CVE-2022-35121 1 Xxyopen 1 Novel-plus 2024-11-21 N/A 9.8 CRITICAL
Novel-Plus v3.6.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /service/impl/BookServiceImpl.java.
CVE-2022-35115 1 Icewarp 1 Webclient Dc2 2024-11-21 N/A 9.8 CRITICAL
IceWarp WebClient DC2 - Update 2 Build 9 (13.0.2.9) was discovered to contain a SQL injection vulnerability via the search parameter at /webmail/server/webmail.php.
CVE-2022-34989 1 Fruits Bazar Project 1 Fruits Bazar 2024-11-21 N/A 9.8 CRITICAL
Fruits Bazar v1.0 was discovered to contain a SQL injection vulnerability via the recover_email parameter at user_password_recover.php.
CVE-2022-34972 1 So Filter Shop By Project 1 So Filter Shop By 2024-11-21 7.5 HIGH 9.8 CRITICAL
So Filter Shop v3.x was discovered to contain multiple blind SQL injection vulnerabilities via the att_value_id , manu_value_id , opt_value_id , and subcate_value_id parameters at /index.php?route=extension/module/so_filter_shop_by/filter_data.
CVE-2022-34968 1 Percona 1 Percona Server 2024-11-21 N/A 7.5 HIGH
An issue in the fetch_step function in Percona Server for MySQL v8.0.28-19 allows attackers to cause a Denial of Service (DoS) via a SQL query.
CVE-2022-34956 1 Pligg 1 Pligg Cms 2024-11-21 N/A 9.8 CRITICAL
Pligg CMS v2.0.2 was discovered to contain a time-based SQL injection vulnerability via the page_size parameter at load_data_for_groups.php.
CVE-2022-34955 1 Pligg 1 Pligg Cms 2024-11-21 N/A 9.8 CRITICAL
Pligg CMS v2.0.2 was discovered to contain a time-based SQL injection vulnerability via the page_size parameter at load_data_for_topusers.php.
CVE-2022-34954 1 Phptpoint 1 Pharmacy Management System 2024-11-21 N/A 9.8 CRITICAL
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at invoiceprint.php.
CVE-2022-34953 1 Phptpoint 1 Pharmacy Management System 2024-11-21 N/A 9.8 CRITICAL
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getOrderReport.php.
CVE-2022-34952 1 Phptpoint 1 Pharmacy Management System 2024-11-21 N/A 9.8 CRITICAL
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at edituser.php.
CVE-2022-34951 1 Phptpoint 1 Pharmacy Management System 2024-11-21 N/A 9.8 CRITICAL
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getsalereport.php.