Total
14524 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31082 | 1 Glpi-project | 1 Glpi Inventory | 2024-11-21 | 7.5 HIGH | 5.8 MEDIUM |
| GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. glpi-inventory-plugin is a plugin for GLPI to handle inventory management. In affected versions a SQL injection can be made using package deployment tasks. This issue has been resolved in version 1.0.2. Users are advised to upgrade. Users unable to upgrade should delete the `front/deploypackage.public.php` file if they are not using the `deploy tasks` feature. | |||||
| CVE-2022-31061 | 1 Glpi-project | 1 Glpi | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions there is a SQL injection vulnerability which is possible on login page. No user credentials are required to exploit this vulnerability. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue. | |||||
| CVE-2022-31058 | 1 Enalean | 1 Tuleap | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.95 Tuleap does not sanitize properly user inputs when constructing the SQL query to retrieve data for the tracker reports. An attacker with the capability to create a new tracker can execute arbitrary SQL queries. Users are advised to upgrade. There is no known workaround for this issue. | |||||
| CVE-2022-31056 | 1 Glpi-project | 1 Glpi | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions all assistance forms (Ticket/Change/Problem) permit sql injection on the actor fields. This issue has been resolved in version 10.0.2 and all affected users are advised to upgrade. | |||||
| CVE-2022-30998 | 1 Homepage Product Organizer For Woocommerce Project | 1 Homepage Product Organizer For Woocommerce | 2024-11-21 | N/A | 9.1 CRITICAL |
| Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co's Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress. | |||||
| CVE-2022-30927 | 1 Simple Task Scheduling System Project | 1 Simple Task Scheduling System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL injection vulnerability exists in Simple Task Scheduling System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable "id" parameter. | |||||
| CVE-2022-30886 | 1 School Dormitory Management System Project | 1 School Dormitory Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| School Dormitory Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /dms/admin/reports/daily_collection_report.php. | |||||
| CVE-2022-30843 | 1 Room Rent Portal Site Project | 1 Room Rent Portal Site | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Room-rent-portal-site v1.0 is vulnerable to SQL Injection via /rrps/classes/Master.php?f=delete_category, id. | |||||
| CVE-2022-30838 | 1 Covid 19 Travel Pass Management System Project | 1 Covid 19 Travel Pass Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master.php?f=update_application_status | |||||
| CVE-2022-30836 | 1 Wedding Management System Project | 1 Wedding Management System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Wedding Management System v1.0 is vulnerable to SQL Injection. via Wedding-Management/admin/select.php. | |||||
| CVE-2022-30835 | 1 Wedding Management System Project | 1 Wedding Management System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Wedding Management System v1.0 is vulnerable to SQL Injection. via /Wedding-Management/admin/budget.php?booking_id=. | |||||
| CVE-2022-30834 | 1 Wedding Management System Project | 1 Wedding Management System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_manage_account_details.php?booking_id=31&user_id= | |||||
| CVE-2022-30833 | 1 Wedding Management System Project | 1 Wedding Management System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_edit.php?booking=31&user_id=. | |||||
| CVE-2022-30832 | 1 Wedding Management System Project | 1 Wedding Management System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_assign.php?booking=31&user_id=. | |||||
| CVE-2022-30831 | 1 Wedding Management System Project | 1 Wedding Management System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Wedding Management System v1.0 is vulnerable to SQL Injection via Wedding-Management/wedding_details.php. | |||||
| CVE-2022-30830 | 1 Wedding Management System Project | 1 Wedding Management System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\feature_edit.php. | |||||
| CVE-2022-30829 | 1 Wedding Management System Project | 1 Wedding Management System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\users_edit.php. | |||||
| CVE-2022-30828 | 1 Wedding Management System Project | 1 Wedding Management System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\photos_edit.php. | |||||
| CVE-2022-30827 | 1 Wedding Management System Project | 1 Wedding Management System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\package_edit.php. | |||||
| CVE-2022-30826 | 1 Wedding Management System Project | 1 Wedding Management System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Wedding Management System v1.0 is vulnerable to SQL Injection via admin\client_assign.php. | |||||