Total
14524 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-29681 | 1 Chshcms | 1 Cscms Music Portal System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Links/del. | |||||
| CVE-2022-29680 | 1 Chshcms | 1 Cscms Music Portal System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/zu_del. | |||||
| CVE-2022-29676 | 1 Chshcms | 1 Cscms Music Portal System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan. | |||||
| CVE-2022-29670 | 1 Chshcms | 1 Cscms Music Portal System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/del. | |||||
| CVE-2022-29669 | 1 Chshcms | 1 Cscms Music Portal System | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/lists/zhuan. | |||||
| CVE-2022-29667 | 1 Chshcms | 1 Cscms Music Portal System | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via /admin.php/pic/admin/pic/hy. This vulnerability is exploited via restoring deleted photos. | |||||
| CVE-2022-29666 | 1 Chshcms | 1 Cscms Music Portal System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan. | |||||
| CVE-2022-29665 | 1 Chshcms | 1 Cscms Music Portal System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/topic/save. | |||||
| CVE-2022-29664 | 1 Chshcms | 1 Cscms Music Portal System | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/pl_save. | |||||
| CVE-2022-29663 | 1 Chshcms | 1 Cscms Music Portal System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/hy. | |||||
| CVE-2022-29662 | 1 Chshcms | 1 Cscms Music Portal System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/news/save. | |||||
| CVE-2022-29661 | 1 Chshcms | 1 Cscms Music Portal System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/save. | |||||
| CVE-2022-29660 | 1 Chshcms | 1 Cscms Music Portal System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/pic/del. | |||||
| CVE-2022-29659 | 1 Responsive Online Blog Project | 1 Responsive Online Blog | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Responsive Online Blog v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at single.php. | |||||
| CVE-2022-29656 | 1 Wedding Management System Project | 1 Wedding Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Wedding Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Wedding-Management/package_detail.php. | |||||
| CVE-2022-29652 | 1 Online Sports Complex Booking System Project | 1 Online Sports Complex Booking System | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=save_client. | |||||
| CVE-2022-29650 | 1 Online Food Ordering System Project | 1 Online Food Ordering System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the Search parameter at /online-food-order/food-search.php. | |||||
| CVE-2022-29603 | 1 Universis | 1 Universis-api | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| A SQL Injection vulnerability exists in UniverSIS UniverSIS-API through 1.2.1 via the $select parameter to multiple API endpoints. A remote authenticated attacker could send crafted SQL statements to a vulnerable endpoint (such as /api/students/me/messages/) to, for example, retrieve personal information or change grades. | |||||
| CVE-2022-29601 | 1 Oliverklee | 1 Seminars | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The seminars (aka Seminar Manager) extension through 4.1.3 for TYPO3 allows SQL Injection. | |||||
| CVE-2022-29600 | 1 Oliverklee | 1 Oelib | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The oelib (aka One is Enough Library) extension through 4.1.5 for TYPO3 allows SQL Injection. | |||||