Search
Total
1733 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31487 | 1 Inoutscripts | 2 Blockchain Altexchanger, Blockchain Fiatexchanger | 2022-05-30 | 5.0 MEDIUM | 7.5 HIGH |
| Inout Blockchain AltExchanger 1.2.1 and Inout Blockchain FiatExchanger 2.2.1 allow Chart/TradingView/chart_content/master.php symbol SQL injection. | |||||
| CVE-2022-30463 | 1 Automotive Shop Management System Project | 1 Automotive Shop Management System | 2022-05-28 | 6.5 MEDIUM | 8.8 HIGH |
| Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_product. | |||||
| CVE-2022-30459 | 1 Chatbot App With Suggestion In Php\/oop Project | 1 Chatbot App With Suggestion In Php\/oop | 2022-05-28 | 6.5 MEDIUM | 8.8 HIGH |
| ChatBot App with Suggestion in PHP/OOP v1.0 is vulnerable to SQL Injection via /simple_chat_bot/classes/Master.php?f=delete_response, id. | |||||
| CVE-2022-30843 | 1 Room Rent Portal Site Project | 1 Room Rent Portal Site | 2022-05-28 | 6.5 MEDIUM | 8.8 HIGH |
| Room-rent-portal-site v1.0 is vulnerable to SQL Injection via /rrps/classes/Master.php?f=delete_category, id. | |||||
| CVE-2022-29688 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/hy. | |||||
| CVE-2022-29689 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/del. | |||||
| CVE-2022-29687 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/level_del. | |||||
| CVE-2022-29685 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 8.8 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/User/level_sort. | |||||
| CVE-2022-29686 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/lists/zhuan. | |||||
| CVE-2022-29684 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/js_del. | |||||
| CVE-2022-29683 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/page_del. | |||||
| CVE-2022-29682 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/vod/admin/topic/del. | |||||
| CVE-2022-29681 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Links/del. | |||||
| CVE-2022-29676 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan. | |||||
| CVE-2022-29680 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/zu_del. | |||||
| CVE-2022-29670 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/del. | |||||
| CVE-2022-29667 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 8.8 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via /admin.php/pic/admin/pic/hy. This vulnerability is exploited via restoring deleted photos. | |||||
| CVE-2022-29669 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 8.8 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/lists/zhuan. | |||||
| CVE-2022-29665 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/topic/save. | |||||
| CVE-2022-29664 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 8.8 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/pl_save. | |||||
| CVE-2022-29666 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan. | |||||
| CVE-2022-29663 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/hy. | |||||
| CVE-2022-29661 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/save. | |||||
| CVE-2022-29662 | 1 Chshcms | 1 Cscms Music Portal System | 2022-05-28 | 6.5 MEDIUM | 7.2 HIGH |
| CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/news/save. | |||||
| CVE-2021-24125 | 1 Contact Form Submissions Project | 1 Contact Form Submissions | 2022-05-27 | 6.5 MEDIUM | 7.2 HIGH |
| Unvalidated input in the Contact Form Submissions WordPress plugin before 1.7.1, could lead to SQL injection in the wpcf7_contact_form GET parameter when submitting a filter request as a high privilege user (admin+) | |||||
| CVE-2020-9402 | 3 Debian, Djangoproject, Fedoraproject | 3 Debian Linux, Django, Fedora | 2022-05-26 | 6.5 MEDIUM | 8.8 HIGH |
| Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was possible to break escaping and inject malicious SQL. | |||||
| CVE-2022-29304 | 1 Online Sports Complex Booking System Project | 1 Online Sports Complex Booking System | 2022-05-26 | 6.5 MEDIUM | 8.8 HIGH |
| Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /classes/master.php?f=delete_ Facility. | |||||
| CVE-2022-27378 | 1 Mariadb | 1 Mariadb | 2022-05-26 | 5.0 MEDIUM | 7.5 HIGH |
| An issue in the component Create_tmp_table::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | |||||
| CVE-2022-27379 | 1 Mariadb | 1 Mariadb | 2022-05-26 | 5.0 MEDIUM | 7.5 HIGH |
| An issue in the component Arg_comparator::compare_real_fixed of MariaDB Server v10.6.2 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | |||||
| CVE-2022-28961 | 1 Spip | 1 Spip | 2022-05-26 | 6.5 MEDIUM | 8.8 HIGH |
| Spip Web Framework v3.1.13 and below was discovered to contain multiple SQL injection vulnerabilities at /ecrire via the lier_trad and where parameters. | |||||
| CVE-2022-24391 | 1 Fidelissecurity | 2 Deception, Network | 2022-05-26 | 6.5 MEDIUM | 8.8 HIGH |
| Vulnerability in Fidelis Network and Deception CommandPost enables SQL injection through the web interface by an attacker with user level access. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. | |||||
| CVE-2020-3937 | 1 Sysjust | 1 Syuan-gu-da-shin | 2022-05-25 | 5.0 MEDIUM | 7.5 HIGH |
| SQL Injection in SysJust Syuan-Gu-Da-Shih, versions before 20191223, allowing attackers to perform unwanted SQL queries and access arbitrary file in the database. | |||||
| CVE-2022-1182 | 1 Visual Slide Box Builder Project | 1 Visual Slide Box Builder | 2022-05-25 | 6.5 MEDIUM | 8.8 HIGH |
| The Visual Slide Box Builder WordPress plugin through 3.2.9 does not sanitise and escape various parameters before using them in SQL statements via some of its AJAX actions available to any authenticated users (such as subscriber), leading to SQL Injections | |||||
| CVE-2022-30012 | 1 Hospital Management System Project | 1 Hospital Management System | 2022-05-24 | 5.0 MEDIUM | 7.5 HIGH |
| In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection. | |||||
| CVE-2021-41965 | 1 Churchcrm | 1 Churchcrm | 2022-05-23 | 6.5 MEDIUM | 8.8 HIGH |
| A SQL injection vulnerability exists in ChurchCRM version 2.0.0 to 4.4.5 that allows an authenticated attacker to issue an arbitrary SQL command to the database through the unsanitized EN_tyid, theID and EID fields used when an Edit action on an existing record is being performed. | |||||
| CVE-2022-30411 | 1 Covid 19 Travel Pass Management System Project | 1 Covid 19 Travel Pass Management System | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=individuals/view_individual&id=. | |||||
| CVE-2022-30412 | 1 Covid 19 Travel Pass Management System Project | 1 Covid 19 Travel Pass Management System | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/individuals/update_status.php?id=. | |||||
| CVE-2022-30414 | 1 Covid 19 Travel Pass Management System Project | 1 Covid 19 Travel Pass Management System | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=applications/view_application&id=. | |||||
| CVE-2022-30415 | 1 Covid 19 Travel Pass Management System Project | 1 Covid 19 Travel Pass Management System | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/applications/update_status.php?id=. | |||||
| CVE-2022-30417 | 1 Covid 19 Travel Pass Management System Project | 1 Covid 19 Travel Pass Management System | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via ctpms/admin/?page=user/manage_user&id=. | |||||
| CVE-2022-30404 | 1 College Management System Project | 1 College Management System | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| College Management System v1.0 is vulnerable to SQL Injection via /College_Management_System/admin/display-teacher.php?teacher_id=. | |||||
| CVE-2022-30403 | 1 Merchandise Online Store Product | 1 Merchandise Online Store | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=products&c=. | |||||
| CVE-2022-30401 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=view_product&id=. | |||||
| CVE-2022-30400 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/orders/view_order.php?view=user&id=. | |||||
| CVE-2022-30396 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=inventory/manage_inventory&id=. | |||||
| CVE-2022-30399 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_category&id=. | |||||
| CVE-2022-30398 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=orders/view_order&id=. | |||||
| CVE-2022-30393 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=product/manage_product&id=. | |||||
| CVE-2022-30402 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_sub_category&id=. | |||||
| CVE-2022-30376 | 1 Simple Social Networking Site Project | 1 Simple Social Networking Site | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/members/view_member.php?id=. | |||||