Search
Total
1733 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-30376 | 1 Simple Social Networking Site Project | 1 Simple Social Networking Site | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/members/view_member.php?id=. | |||||
| CVE-2022-30379 | 1 Simple Social Networking Site Project | 1 Simple Social Networking Site | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=user/manage_user&id=. | |||||
| CVE-2022-30372 | 1 Air Cargo Management System Project | 1 Air Cargo Management System | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo. | |||||
| CVE-2022-30371 | 1 Air Cargo Management System Project | 1 Air Cargo Management System | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/view_cargo_type.php?id=. | |||||
| CVE-2022-30373 | 1 Air Cargo Management System Project | 1 Air Cargo Management System | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/manage_cargo_type.php?id=. | |||||
| CVE-2022-30374 | 1 Air Cargo Management System Project | 1 Air Cargo Management System | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/?page=transactions/manage_transaction&id=. | |||||
| CVE-2022-30002 | 1 Insurance Management System Project | 1 Insurance Management System | 2022-05-21 | 6.5 MEDIUM | 7.2 HIGH |
| Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editNominee.php?nominee_id=. | |||||
| CVE-2022-30451 | 1 Waimairencms Project | 1 Waimairencms | 2022-05-20 | 6.5 MEDIUM | 8.8 HIGH |
| An authenticated user could execute code via a SQLi vulnerability in waimairenCMS before version 9.1. | |||||
| CVE-2022-30452 | 1 Shopwind | 1 Shopwind | 2022-05-20 | 6.5 MEDIUM | 7.2 HIGH |
| ShopWind <= v3.4.2 has a Sql injection vulnerability in Database.php | |||||
| CVE-2022-27381 | 1 Mariadb | 1 Mariadb | 2022-05-19 | 5.0 MEDIUM | 7.5 HIGH |
| An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. | |||||
| CVE-2022-26116 | 1 Fortinet | 1 Fortinac | 2022-05-18 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple improper neutralization of special elements used in SQL commands ('SQL Injection') vulnerability [CWE-89] in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.2 and below may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted strings parameters. | |||||
| CVE-2022-1453 | 1 Rsvpmaker Project | 1 Rsvpmaker | 2022-05-18 | 5.0 MEDIUM | 7.5 HIGH |
| The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-util.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the database in versions up to and including 9.2.5. | |||||
| CVE-2022-1505 | 1 Rsvpmaker Project | 1 Rsvpmaker | 2022-05-17 | 5.0 MEDIUM | 7.5 HIGH |
| The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-api-endpoints.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the database in versions up to and including 9.2.6. | |||||
| CVE-2021-43010 | 1 Safedog | 1 Safedog Apache | 2022-05-17 | 5.0 MEDIUM | 7.5 HIGH |
| In Safedog Apache v4.0.30255, attackers can bypass this product for SQL injection. Attackers can bypass access to sensitive data. | |||||
| CVE-2022-29410 | 1 Hermit Project | 1 Hermit | 2022-05-16 | 6.5 MEDIUM | 8.8 HIGH |
| Authenticated SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers with Subscriber or higher user roles to execute SQLi attack via (&ids). | |||||
| CVE-2022-24844 | 2 Gin-vue-admin Project, Postgresql | 2 Gin-vue-admin, Postgresql | 2022-05-16 | 6.5 MEDIUM | 8.8 HIGH |
| Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. The problem occurs in the following code in server/service/system/sys_auto_code_pgsql.go, which means that PostgreSQL must be used as the database for this vulnerability to occur. Users must: Require JWT login? and be using PostgreSQL to be affected. This issue has been resolved in version 2.5.1. There are no known workarounds. | |||||
| CVE-2020-19216 | 1 Piwigo | 1 Piwigo | 2022-05-13 | 6.5 MEDIUM | 8.8 HIGH |
| SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=group_perm. | |||||
| CVE-2020-19217 | 1 Piwigo | 1 Piwigo | 2022-05-13 | 6.5 MEDIUM | 8.8 HIGH |
| SQL Injection vulnerability in admin/batch_manager.php in piwigo v2.9.5, via the filter_category parameter to admin.php?page=batch_manager. | |||||
| CVE-2020-19215 | 1 Piwigo | 1 Piwigo | 2022-05-13 | 6.5 MEDIUM | 8.8 HIGH |
| SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=user_perm. | |||||
| CVE-2021-21917 | 1 Advantech | 1 R-seenet | 2022-05-13 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted HTTP request at '‘ord’ parameter. An attacker can make authenticated HTTP requests to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery. | |||||
| CVE-2021-21916 | 1 Advantech | 1 R-seenet | 2022-05-13 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted HTTP request at 'description_filter’ parameter. An attacker can make authenticated HTTP requests to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery. | |||||
| CVE-2021-21915 | 1 Advantech | 1 R-seenet | 2022-05-13 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted HTTP request at ‘company_filter’ parameter. An attacker can make authenticated HTTP requests to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery. | |||||
| CVE-2022-29938 | 1 Librehealth | 1 Librehealth Ehr | 2022-05-12 | 6.5 MEDIUM | 8.8 HIGH |
| In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameter payment_id in interface\billing\new_payment.php via interface\billing\payment_master.inc.php leads to SQL injection. | |||||
| CVE-2022-24707 | 1 Anuko | 1 Time Tracker | 2022-05-12 | 6.5 MEDIUM | 8.8 HIGH |
| Anuko Time Tracker is an open source, web-based time tracking application written in PHP. UNION SQL injection and time-based blind injection vulnerabilities existed in Time Tracker Puncher plugin in versions of anuko timetracker prior to 1.20.0.5642. This was happening because the Puncher plugin was reusing code from other places and was relying on an unsanitized date parameter in POST requests. Because the parameter was not checked, it was possible to craft POST requests with malicious SQL for Time Tracker database. This issue has been resolved in in version 1.20.0.5642. Users unable to upgrade are advised to add their own checks to input. | |||||
| CVE-2022-25491 | 1 Hospital Management System Project | 1 Hospital Management System | 2022-05-12 | 7.5 HIGH | 7.5 HIGH |
| HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in appointment.php. | |||||
| CVE-2022-28079 | 1 College Management System Project | 1 College Management System | 2022-05-12 | 6.5 MEDIUM | 8.8 HIGH |
| College Management System v1.0 was discovered to contain a SQL injection vulnerability via the course_code parameter. | |||||
| CVE-2022-28080 | 1 Event Management System Project | 1 Event Management System | 2022-05-12 | 6.5 MEDIUM | 8.8 HIGH |
| Royal Event Management System v1.0 was discovered to contain a SQL injection vulnerability via the todate parameter. | |||||
| CVE-2020-6145 | 1 Frappe | 1 Erpnext | 2022-05-12 | 6.5 MEDIUM | 8.8 HIGH |
| An SQL injection vulnerability exists in the frappe.desk.reportview.get functionality of ERPNext 11.1.38. A specially crafted HTTP request can cause an SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-6114 | 1 Icehrm | 1 Icehrm | 2022-05-12 | 6.5 MEDIUM | 7.2 HIGH |
| An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2022-28552 | 1 Chshcms | 1 Cscms | 2022-05-12 | 6.5 MEDIUM | 8.8 HIGH |
| Cscms 4.1 is vulnerable to SQL Injection. Log into the background, open the song module, create a new song, delete it to the recycle bin, and SQL injection security problems will occur when emptying the recycle bin. | |||||
| CVE-2022-28099 | 1 Poultry Farm Management System Project | 1 Poultry Farm Management System | 2022-05-12 | 6.5 MEDIUM | 8.8 HIGH |
| Poultry Farm Management System v1.0 was discovered to contain a SQL injection vulnerability via the Item parameter at /farm/store.php. | |||||
| CVE-2021-41942 | 1 Msvod | 1 Msvod Cms | 2022-05-11 | 5.0 MEDIUM | 7.5 HIGH |
| The Magic CMS MSVOD v10 video system has a SQL injection vulnerability. Attackers can use vulnerabilities to obtain sensitive information in the database. | |||||
| CVE-2022-28505 | 1 Jflyfox | 1 Jfinal Cms | 2022-05-10 | 6.5 MEDIUM | 7.2 HIGH |
| Jfinal_cms 5.1.0 is vulnerable to SQL Injection via com.jflyfox.system.log.LogController.java. | |||||
| CVE-2022-28060 | 1 Victor Cms Project | 1 Victor Cms | 2022-05-06 | 5.0 MEDIUM | 7.5 HIGH |
| SQL Injection vulnerability in Victor CMS v1.0, via the user_name parameter to /includes/login.php. | |||||
| CVE-2022-29419 | 1 3xsocializer Project | 1 3xsocializer | 2022-05-05 | 6.5 MEDIUM | 8.8 HIGH |
| SQL Injection (SQLi) vulnerability in Don Crowther's 3xSocializer plugin <= 0.98.22 at WordPress possible for users with a low role like a subscriber or higher. | |||||
| CVE-2022-20786 | 1 Cisco | 1 Unified Communications Manager Im And Presence Service | 2022-05-04 | 5.5 MEDIUM | 8.1 HIGH |
| A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper validation of user-submitted parameters. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain data or modify data that is stored in the underlying database of the affected system. | |||||
| CVE-2022-29603 | 1 Universis | 1 Universis-api | 2022-05-04 | 5.5 MEDIUM | 8.1 HIGH |
| A SQL Injection vulnerability exists in UniverSIS UniverSIS-API through 1.2.1 via the $select parameter to multiple API endpoints. A remote authenticated attacker could send crafted SQL statements to a vulnerable endpoint (such as /api/students/me/messages/) to, for example, retrieve personal information or change grades. | |||||
| CVE-2021-28242 | 1 B2evolution | 1 B2evolution | 2022-05-03 | 6.5 MEDIUM | 8.8 HIGH |
| SQL Injection in the "evoadm.php" component of b2evolution v7.2.2-stable allows remote attackers to obtain sensitive database information by injecting SQL commands into the "cf_name" parameter when creating a new filter under the "Collections" tab. | |||||
| CVE-2021-37197 | 1 Siemens | 1 Comos | 2022-04-30 | 6.0 MEDIUM | 8.8 HIGH |
| A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). The COMOS Web component of COMOS is vulnerable to SQL injections. This could allow an attacker to execute arbitrary SQL statements. | |||||
| CVE-2021-30117 | 1 Kaseya | 1 Vsa | 2022-04-29 | 6.5 MEDIUM | 8.8 HIGH |
| The API call /InstallTab/exportFldr.asp is vulnerable to a semi-authenticated boolean-based blind SQL injection in the parameter fldrId. Detailed description --- Given the following request: ``` GET /InstallTab/exportFldr.asp?fldrId=1’ HTTP/1.1 Host: 192.168.1.194 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:85.0) Gecko/20100101 Firefox/85.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: close Upgrade-Insecure-Requests: 1 Cookie: ASPSESSIONIDCQACCQCA=MHBOFJHBCIPCJBFKEPEHEDMA; sessionId=30548861; agentguid=840997037507813; vsaUser=scopeId=3&roleId=2; webWindowId=59091519; ``` Where the sessionId cookie value has been obtained via CVE-2021-30116. The result should be a failure. Response: ``` HTTP/1.1 500 Internal Server Error Cache-Control: private Content-Type: text/html; Charset=Utf-8 Date: Thu, 01 Apr 2021 19:12:11 GMT Strict-Transport-Security: max-age=63072000; includeSubDomains Connection: close Content-Length: 881 <!DOCTYPE html> <HTML> <HEAD> <title>Whoops.</title> <meta http-equiv="X-UA-Compatible" content="IE=Edge" /> <link id="favIcon" rel="shortcut icon" href="/themes/default/images/favicon.ico?307447361"></link> ----SNIP---- ``` However when fldrId is set to ‘(SELECT (CASE WHEN (1=1) THEN 1 ELSE (SELECT 1 UNION SELECT 2) END))’ the request is allowed. Request: ``` GET /InstallTab/exportFldr.asp?fldrId=%28SELECT%20%28CASE%20WHEN%20%281%3D1%29%20THEN%201%20ELSE%20%28SELECT%201%20UNION%20SELECT%202%29%20END%29%29 HTTP/1.1 Host: 192.168.1.194 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:85.0) Gecko/20100101 Firefox/85.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: close Upgrade-Insecure-Requests: 1 Cookie: ASPSESSIONIDCQACCQCA=MHBOFJHBCIPCJBFKEPEHEDMA; sessionId=30548861; agentguid=840997037507813; vsaUser=scopeId=3&roleId=2; webWindowId=59091519; ``` Response: ``` HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; Charset=Utf-8 Date: Thu, 01 Apr 2021 17:33:53 GMT Strict-Transport-Security: max-age=63072000; includeSubDomains Connection: close Content-Length: 7960 <html> <head> <title>Export Folder</title> <style> ------ SNIP ----- ``` | |||||
| CVE-2019-5114 | 1 Youphptube | 1 Youphptube | 2022-04-29 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exists in the authenticated portion of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and,in certain configuration, access the underlying operating system. | |||||
| CVE-2022-1429 | 1 Pimcore | 1 Pimcore | 2022-04-29 | 5.0 MEDIUM | 7.5 HIGH |
| SQL injection in GridHelperService.php in GitHub repository pimcore/pimcore prior to 10.3.6. This vulnerability is capable of steal the data | |||||
| CVE-2020-27231 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-29 | 6.5 MEDIUM | 8.8 HIGH |
| A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findDistrict parameter in ‘‘patientslist.do’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27232 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-29 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exists in ‘manageServiceStocks.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27230 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-29 | 6.5 MEDIUM | 8.8 HIGH |
| A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findSector parameter in ‘‘patientslist.do’ page is vulnerable to authenticated SQL injection An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27243 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-29 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoService parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27242 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-29 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoLocation parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27246 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-29 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoComment parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27245 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-29 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoBuyer parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27244 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2022-04-29 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoCode parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||