Total
14524 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-28929 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the delid parameter at viewtreatmentrecord.php. | |||||
| CVE-2022-28862 | 1 Archibus | 1 Web Central | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Archibus Web Central before 26.2, multiple SQL Injection vulnerabilities occur in dwr/call/plaincall/workflow.runWorkflowRule.dwr. Through the injection of arbitrary SQL statements, a potential attacker can modify query syntax and perform unauthorized (and unexpected) operations against the remote database. This is fixed in all recent versions, such as version 26.2. | |||||
| CVE-2022-28815 | 1 Gavazziautomation | 3 Cpy Car Park Server, Uwp 3.0 Monitoring Gateway And Controller, Uwp 3.0 Monitoring Gateway And Controller Firmware | 2024-11-21 | N/A | 2.7 LOW |
| In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy server was discovered to contain a SQL injection vulnerability allowing an attacker to query other tables of the Sentilo service. | |||||
| CVE-2022-28813 | 1 Gavazziautomation | 3 Cpy Car Park Server, Uwp 3.0 Monitoring Gateway And Controller, Uwp 3.0 Monitoring Gateway And Controller Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of an SQL-injection to gain access to a volatile temporary database with the current states of the device. | |||||
| CVE-2022-28623 | 3 Hp, Hpe, Redhat | 3 Hp-ux, Icewall Sso Certd, Enterprise Linux | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Security vulnerabilities in HPE IceWall SSO 10.0 certd could be exploited remotely to allow SQL injection or unauthorized data injection. HPE has provided the following updated modules to resolve these vulnerabilities. HPE IceWall SSO version 10.0 certd library Patch 9 for RHEL and HPE IceWall SSO version 10.0 certd library Patch 9 for HP-UX. | |||||
| CVE-2022-28585 | 1 Phome | 1 Empirecms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| EmpireCMS 7.5 has a SQL injection vulnerability in AdClass.php | |||||
| CVE-2022-28552 | 1 Chshcms | 1 Cscms | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Cscms 4.1 is vulnerable to SQL Injection. Log into the background, open the song module, create a new song, delete it to the recycle bin, and SQL injection security problems will occur when emptying the recycle bin. | |||||
| CVE-2022-28533 | 1 Medical Hub Directory Site Project | 1 Medical Hub Directory Site | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Sourcecodester Medical Hub Directory Site 1.0 is vulnerable to SQL Injection via /mhds/clinic/view_details.php. | |||||
| CVE-2022-28531 | 1 Covid-19 Directory On Vaccination System Project | 1 Covid-19 Directory On Vaccination System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Sourcecodester Covid-19 Directory on Vaccination System1.0 is vulnerable to SQL Injection via the admin/login.php txtusername (aka Username) field. | |||||
| CVE-2022-28530 | 1 Covid-19 Directory On Vaccination System Project | 1 Covid-19 Directory On Vaccination System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Sourcecodester Covid-19 Directory on Vaccination System 1.0 is vulnerable to SQL Injection via cmdcategory. | |||||
| CVE-2022-28524 | 1 Ed01-cms Project | 1 Ed01-cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| ED01-CMS v20180505 was discovered to contain a SQL injection vulnerability via the component post.php. | |||||
| CVE-2022-28512 | 1 Fantastic Blog Project | 1 Fantastic Blog | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL injection vulnerability exists in Sourcecodester Fantastic Blog CMS 1.0 . An attacker can inject query in "/fantasticblog/single.php" via the "id=5" parameters. | |||||
| CVE-2022-28505 | 1 Jflyfox | 1 Jfinal Cms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Jfinal_cms 5.1.0 is vulnerable to SQL Injection via com.jflyfox.system.log.LogController.java. | |||||
| CVE-2022-28468 | 1 Payroll Management System Project | 1 Payroll Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Payroll Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter. | |||||
| CVE-2022-28467 | 1 Online Student Admission Project | 1 Online Student Admission | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Online Student Admission v1.0 was discovered to contain a SQL injection vulnerability via the txtapplicationID parameter. | |||||
| CVE-2022-28461 | 1 Mingyuefusu Project | 1 Mingyuefusu | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| mingyuefusu Library Management System all versions as of 03-27-2022 is vulnerable to SQL Injection. | |||||
| CVE-2022-28452 | 1 Redplanetcomputers | 1 Laundry Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Red Planet Laundry Management System 1.0 is vulnerable to SQL Injection. | |||||
| CVE-2022-28439 | 1 Baby Care System Project | 1 Baby Care System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&&action=delete&userid=4. | |||||
| CVE-2022-28438 | 1 Baby Care System Project | 1 Baby Care System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=type&userrole=User&userid=. | |||||
| CVE-2022-28437 | 1 Baby Care System Project | 1 Baby Care System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=type&userrole=Admin&userid=3. | |||||