Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-89
Total 14524 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-29994 1 Online Sports Complex Booking System Project 1 Online Sports Complex Booking System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=facilities/manage_facility&id=.
CVE-2022-29993 1 Online Sports Complex Booking System Project 1 Online Sports Complex Booking System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/bookings/view_booking.php?id=.
CVE-2022-29992 1 Online Sports Complex Booking System Project 1 Online Sports Complex Booking System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/manage_category.php?id=.
CVE-2022-29990 1 Online Sports Complex Booking System Project 1 Online Sports Complex Booking System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/categories/view_category.php?id=.
CVE-2022-29989 1 Online Sports Complex Booking System Project 1 Online Sports Complex Booking System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_booking.
CVE-2022-29988 1 Online Sports Complex Booking System Project 1 Online Sports Complex Booking System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete.
CVE-2022-29987 1 Online Sports Complex Booking System Project 1 Online Sports Complex Booking System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=user/manage_user&id=.
CVE-2022-29986 1 Online Sports Complex Booking System Project 1 Online Sports Complex Booking System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_facility.
CVE-2022-29985 1 Online Sports Complex Booking System Project 1 Online Sports Complex Booking System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_category.
CVE-2022-29984 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=client/view_client&id=.
CVE-2022-29983 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/view_invoice&id=.
CVE-2022-29982 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/maintenance/manage_service.php?id=.
CVE-2022-29981 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Users.php?f=delete.
CVE-2022-29980 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=user/manage_user&id=.
CVE-2022-29979 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_designation.
CVE-2022-29938 1 Librehealth 1 Librehealth Ehr 2024-11-21 6.5 MEDIUM 8.8 HIGH
In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameter payment_id in interface\billing\new_payment.php via interface\billing\payment_master.inc.php leads to SQL injection.
CVE-2022-29904 1 Mediawiki 1 Mediawiki 2024-11-21 7.5 HIGH 9.8 CRITICAL
The SemanticDrilldown extension for MediaWiki through 1.37.2 (before e688bdba6434591b5dff689a45e4d53459954773) allows SQL injection with certain '-' and '_' constraints.
CVE-2022-29822 1 Feathersjs 1 Feathers-sequelize 2024-11-21 N/A 10.0 CRITICAL
Due to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection
CVE-2022-29807 1 Quest 1 Kace Systems Management Appliance 2024-11-21 N/A 9.8 CRITICAL
A SQL injection vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.0 that can allow for remote code execution via download_agent_installer.php.
CVE-2022-29751 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_client.