Search
Total
1733 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-1683 | 1 Amtythumb Project | 1 Amtythumb | 2022-06-15 | 6.5 MEDIUM | 8.8 HIGH |
| The amtyThumb WordPress plugin through 4.2.0 does not sanitise and escape a parameter before using it in a SQL statement via its shortcode, leading to an SQL injection and is exploitable by any authenticated user (and not just Author+ like the original advisory mention) due to the fact that they can execute shortcodes via an AJAX action | |||||
| CVE-2017-20017 | 1 Tngsitebuilding | 1 The Next Generation Of Genealogy Sitebuilding | 2022-06-14 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in The Next Generation of Genealogy Sitebuilding up to 11.1.0. This issue affects some unknown processing of the file /timeline2.php. The manipulation of the argument primaryID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.1.1 is able to address this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2020-36538 | 1 Etan | 1 Etan Cms | 2022-06-14 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability was found in Eatan CMS. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The attack can be launched remotely. | |||||
| CVE-2022-30469 | 1 Afian | 1 Filerun | 2022-06-14 | 6.5 MEDIUM | 8.8 HIGH |
| In Afian Filerun 20220202, lack of sanitization of the POST parameter "metadata[]" in `/?module=fileman§ion=get&page=grid` leads to SQL injection. | |||||
| CVE-2020-36537 | 1 Everywhere | 1 Everywhere Cms | 2022-06-14 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability was found in Everywhere CMS. It has been classified as critical. Affected is an unknown function. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. | |||||
| CVE-2020-36536 | 1 Brandbugle | 1 Brandbugle | 2022-06-14 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability was found in Brandbugle. It has been rated as critical. Affected by this issue is some unknown functionality of the file /main.php. The manipulation leads to sql injection. The attack may be launched remotely. | |||||
| CVE-2020-36535 | 1 Minmax | 1 Minmax | 2022-06-14 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability classified as critical has been found in MINMAX. This affects an unknown part of the file /newsDia.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. | |||||
| CVE-2020-36530 | 1 Ibm | 1 Sevone Network Performance Management | 2022-06-14 | 6.0 MEDIUM | 8.8 HIGH |
| A vulnerability classified as critical was found in SevOne Network Management System up to 5.7.2.22. This vulnerability affects the Alert Summary. The manipulation leads to sql injection. The attack can be initiated remotely. | |||||
| CVE-2021-41932 | 1 Wolterskluwer | 1 Teammate\+ Audit | 2022-06-13 | 6.5 MEDIUM | 8.8 HIGH |
| A blind SQL injection vulnerability in search form in TeamMate+ Audit version 28.0.19.0 allows any authenticated user to create malicious SQL injections, which can result in complete database compromise, gaining information about other users, unauthorized access to audit data etc. | |||||
| CVE-2022-30799 | 1 Online Ordering System Project | 1 Online Ordering System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Online Ordering System v1.0 by oretnom23 has SQL injection via store/orderpage.php. | |||||
| CVE-2022-30798 | 1 Online Ordering System Project | 1 Online Ordering System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/viewreport.php. | |||||
| CVE-2022-30795 | 1 Online Ordering System Project | 1 Online Ordering System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductimage.php. | |||||
| CVE-2022-30794 | 1 Online Ordering System Project | 1 Online Ordering System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductetails.php. | |||||
| CVE-2022-30496 | 1 Mv | 1 Idce | 2022-06-10 | 5.0 MEDIUM | 7.5 HIGH |
| SQL injection in Logon Page of IDCE MV's application, version 1.0, allows an attacker to inject SQL payloads in the user field, connecting to a database to access enterprise's private and sensitive information. | |||||
| CVE-2022-32026 | 1 Car Rental Management System Project | 1 Car Rental Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_booking.php?id=. | |||||
| CVE-2022-32021 | 1 Car Rental Management System Project | 1 Car Rental Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_movement.php?id=. | |||||
| CVE-2022-32022 | 1 Car Rental Management System Project | 1 Car Rental Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Car Rental Management System v1.0 is vulnerable to SQL Injection via /ip/car-rental-management-system/admin/ajax.php?action=login. | |||||
| CVE-2022-32024 | 1 Car Rental Management System Project | 1 Car Rental Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Car Rental Management System v1.0 is vulnerable to SQL Injection via car-rental-management-system/booking.php?car_id=. | |||||
| CVE-2022-32025 | 1 Car Rental Management System Project | 1 Car Rental Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/view_car.php?id=. | |||||
| CVE-2022-32027 | 1 Car Rental Management System Project | 1 Car Rental Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/index.php?page=manage_car&id=. | |||||
| CVE-2022-32028 | 1 Car Rental Management System Project | 1 Car Rental Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_user.php?id=. | |||||
| CVE-2022-32007 | 1 Complete Online Job Search System Project | 1 Complete Online Job Search System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/company/index.php?view=edit&id=. | |||||
| CVE-2022-32008 | 1 Complete Online Job Search System Project | 1 Complete Online Job Search System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Complete Online Job Search System v1.0 is vulnerable to SQL Injection via eris/admin/vacancy/index.php?view=edit&id=. | |||||
| CVE-2022-32010 | 1 Complete Online Job Search System Project | 1 Complete Online Job Search System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/user/index.php?view=edit&id=. | |||||
| CVE-2022-32011 | 1 Complete Online Job Search System Project | 1 Complete Online Job Search System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/applicants/index.php?view=view&id=. | |||||
| CVE-2022-32012 | 1 Complete Online Job Search System Project | 1 Complete Online Job Search System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/employee/index.php?view=edit&id=. | |||||
| CVE-2022-32013 | 1 Complete Online Job Search System Project | 1 Complete Online Job Search System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Complete Online Job Search System v1.0 is vulnerable to SQL Injection via eris/admin/category/index.php?view=edit&id=. | |||||
| CVE-2022-32014 | 1 Complete Online Job Search System Project | 1 Complete Online Job Search System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=result&searchfor=byfunction. | |||||
| CVE-2022-32015 | 1 Complete Online Job Search System Project | 1 Complete Online Job Search System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=category&search=. | |||||
| CVE-2022-32017 | 1 Complete Online Job Search System Project | 1 Complete Online Job Search System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=result&searchfor=bytitle. | |||||
| CVE-2022-32016 | 1 Complete Online Job Search System Project | 1 Complete Online Job Search System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=result&searchfor=bycompany. | |||||
| CVE-2022-32018 | 1 Complete Online Job Search System Project | 1 Complete Online Job Search System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=hiring&search=. | |||||
| CVE-2022-31994 | 1 Badminton Center Management System Project | 1 Badminton Center Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=sales/view_details&id. | |||||
| CVE-2022-32003 | 1 Badminton Center Management System Project | 1 Badminton Center Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/courts/view_court.php?id=. | |||||
| CVE-2022-32004 | 1 Badminton Center Management System Project | 1 Badminton Center Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/products/manage_product.php?id=. | |||||
| CVE-2022-32005 | 1 Badminton Center Management System Project | 1 Badminton Center Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/services/manage_service.php?id=. | |||||
| CVE-2022-32006 | 1 Badminton Center Management System Project | 1 Badminton Center Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/services/view_service.php?id=. | |||||
| CVE-2022-31985 | 1 Badminton Center Management System Project | 1 Badminton Center Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=reports/daily_sales_report&date=. | |||||
| CVE-2022-31986 | 1 Badminton Center Management System Project | 1 Badminton Center Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=reports/daily_court_rental_report&date=. | |||||
| CVE-2022-31988 | 1 Badminton Center Management System Project | 1 Badminton Center Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/?page=reports/daily_services_report&date=. | |||||
| CVE-2022-31992 | 1 Badminton Center Management System Project | 1 Badminton Center Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=court_rentals/view_court_rental&id=. | |||||
| CVE-2022-32001 | 1 Badminton Center Management System Project | 1 Badminton Center Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/products/view_product.php?id=. | |||||
| CVE-2022-31998 | 1 Badminton Center Management System Project | 1 Badminton Center Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=service_transactions/view_details&id=. | |||||
| CVE-2022-31996 | 1 Badminton Center Management System Project | 1 Badminton Center Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/?page=sales/manage_sale&id=. | |||||
| CVE-2022-32000 | 1 Badminton Center Management System Project | 1 Badminton Center Management System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=service_transactions/manage_service_transaction&id=. | |||||
| CVE-2022-31974 | 1 Online Fire Reporting System Project | 1 Online Fire Reporting System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=reports&date=. | |||||
| CVE-2022-31975 | 1 Online Fire Reporting System Project | 1 Online Fire Reporting System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=user/manage_user&id=. | |||||
| CVE-2022-31980 | 1 Online Fire Reporting System Project | 1 Online Fire Reporting System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/manage_team&id=. | |||||
| CVE-2022-31981 | 1 Online Fire Reporting System Project | 1 Online Fire Reporting System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/view_team&id=. | |||||
| CVE-2022-31983 | 1 Online Fire Reporting System Project | 1 Online Fire Reporting System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/manage_request&id=. | |||||