Vulnerabilities (CVE)

Filtered by CWE-89
Total 14524 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-33061 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 6.5 MEDIUM 7.2 HIGH
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_service.
CVE-2022-33060 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 6.5 MEDIUM 7.2 HIGH
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_schedule.
CVE-2022-33059 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 6.5 MEDIUM 7.2 HIGH
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_train.
CVE-2022-33058 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 6.5 MEDIUM 7.2 HIGH
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_message.
CVE-2022-33057 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 6.5 MEDIUM 7.2 HIGH
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_reservation.
CVE-2022-33056 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 6.5 MEDIUM 7.2 HIGH
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/schedules/manage_schedule.php.
CVE-2022-33055 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 6.5 MEDIUM 7.2 HIGH
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/trains/manage_train.php.
CVE-2022-33049 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 6.5 MEDIUM 7.2 HIGH
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/?page=user/manage_user.
CVE-2022-33048 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 6.5 MEDIUM 7.2 HIGH
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/reservations/view_details.php.
CVE-2022-33042 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 6.5 MEDIUM 7.2 HIGH
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/inquiries/view_details.php.
CVE-2022-32992 1 Online Tours And Travels Management System Project 1 Online Tours And Travels Management System 2024-11-21 6.5 MEDIUM 7.2 HIGH
Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the tname parameter at /admin/operations/tax.php.
CVE-2022-32991 1 Web Based Quiz System Project 1 Web Based Quiz System 2024-11-21 6.5 MEDIUM 8.8 HIGH
Web Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the eid parameter at welcome.php.
CVE-2022-32964 1 Omicard Edm Project 1 Omicard Edm 2024-11-21 N/A 9.8 CRITICAL
OMICARD EDM’s API function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL commands to access, modify, delete database or disrupt service.
CVE-2022-32456 1 Digiwin 1 Business Process Management 2024-11-21 N/A 9.8 CRITICAL
Digiwin BPM’s function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL command to access, modify, delete database or disrupt service.
CVE-2022-32416 1 Product Show Room Site Project 1 Product Show Room Site 2024-11-21 6.5 MEDIUM 7.2 HIGH
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_product.
CVE-2022-32415 1 Product Show Room Site Project 1 Product Show Room Site 2024-11-21 6.5 MEDIUM 8.8 HIGH
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/?p=products/view_product&id=.
CVE-2022-32405 1 Prison Management System Project 1 Prison Management System 2024-11-21 6.5 MEDIUM 8.8 HIGH
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/prisons/view_prison.php:4
CVE-2022-32404 1 Prison Management System Project 1 Prison Management System 2024-11-21 6.5 MEDIUM 8.8 HIGH
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/inmates/manage_inmate.php:3
CVE-2022-32403 1 Prison Management System Project 1 Prison Management System 2024-11-21 6.5 MEDIUM 8.8 HIGH
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/inmates/manage_record.php:4
CVE-2022-32402 1 Prison Management System Project 1 Prison Management System 2024-11-21 6.5 MEDIUM 8.8 HIGH
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/prisons/manage_prison.php:4