Total
14524 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-30384 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_inventory. | |||||
| CVE-2022-30379 | 1 Simple Social Networking Site Project | 1 Simple Social Networking Site | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=user/manage_user&id=. | |||||
| CVE-2022-30378 | 1 Simple Social Networking Site Project | 1 Simple Social Networking Site | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=posts/view_post&id=. | |||||
| CVE-2022-30376 | 1 Simple Social Networking Site Project | 1 Simple Social Networking Site | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/members/view_member.php?id=. | |||||
| CVE-2022-30374 | 1 Air Cargo Management System Project | 1 Air Cargo Management System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/?page=transactions/manage_transaction&id=. | |||||
| CVE-2022-30373 | 1 Air Cargo Management System Project | 1 Air Cargo Management System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/manage_cargo_type.php?id=. | |||||
| CVE-2022-30372 | 1 Air Cargo Management System Project | 1 Air Cargo Management System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo. | |||||
| CVE-2022-30371 | 1 Air Cargo Management System Project | 1 Air Cargo Management System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/view_cargo_type.php?id=. | |||||
| CVE-2022-30370 | 1 Air Cargo Management System Project | 1 Air Cargo Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo_type. | |||||
| CVE-2022-30352 | 1 Phpabook Project | 1 Phpabook | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| phpABook 0.9i is vulnerable to SQL Injection due to insufficient sanitization of user-supplied data in the "auth_user" parameter in index.php script. | |||||
| CVE-2022-30335 | 1 Wealth | 1 Bonanza Wealth Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Bonanza Wealth Management System (BWM) 7.3.2 allows SQL injection via the login form. Users who supply the application with a SQL injection payload in the User Name textbox could collect all passwords in encrypted format from the Microsoft SQL Server component. | |||||
| CVE-2022-30113 | 1 Fahou100 | 1 Electronic Mall System | 2024-11-21 | N/A | 9.8 CRITICAL |
| Electronic mall system 1.0_build20200203 is affected vulnerable to SQL Injection. | |||||
| CVE-2022-30054 | 1 Covid 19 Travel Pass Management Project | 1 Covid 19 Travel Pass Management | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Covid 19 Travel Pass Management 1.0, the code parameter is vulnerable to SQL injection attacks. | |||||
| CVE-2022-30052 | 1 Home Clean Service System Project | 1 Home Clean Service System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Home Clean Service System 1.0, the password parameter is vulnerable to SQL injection attacks. | |||||
| CVE-2022-30048 | 1 Mingsoft | 1 Mcms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Mingsoft MCMS 5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/list URI via orderBy parameter. | |||||
| CVE-2022-30047 | 1 Mingsoft | 1 Mcms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/listExcludeApp URI via orderBy parameter. | |||||
| CVE-2022-30012 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection. | |||||
| CVE-2022-30011 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In HMS 1.0 when requesting appointment.php through POST, multiple parameters can lead to a SQL injection vulnerability. | |||||
| CVE-2022-30004 | 1 Online Market Place Site Project | 1 Online Market Place Site | 2024-11-21 | N/A | 9.8 CRITICAL |
| Sourcecodester Online Market Place Site v1.0 suffers from an unauthenticated blind SQL Injection Vulnerability allowing remote attackers to dump the SQL database via time-based SQL injection.. | |||||
| CVE-2022-2958 | 1 Badgeos | 1 Badgos | 2024-11-21 | N/A | 8.8 HIGH |
| The BadgeOS WordPress plugin before 3.7.1.3 does not sanitise and escape parameters before using them in SQL statements via AJAX actions available to any authenticated users, leading to SQL Injections | |||||