Vulnerabilities (CVE)

Filtered by CWE-89
Total 15484 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-38541 1 Archerydms 1 Archery 2024-11-21 N/A 9.8 CRITICAL
Archery v1.8.3 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_time and stop_time parameters in the my2sql interface.
CVE-2022-38540 1 Archerydms 1 Archery 2024-11-21 N/A 9.8 CRITICAL
Archery v1.4.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the ThreadIDs parameter in the create_kill_session interface.
CVE-2022-38539 1 Archerydms 1 Archery 2024-11-21 N/A 9.8 CRITICAL
Archery v1.7.5 to v1.8.5 was discovered to contain a SQL injection vulnerability via the where parameter at /archive/apply.
CVE-2022-38538 1 Archerydms 1 Archery 2024-11-21 N/A 9.8 CRITICAL
Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module.
CVE-2022-38537 1 Archerydms 1 Archery 2024-11-21 N/A 9.8 CRITICAL
Archery v1.4.5 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_file, end_file, start_time, and stop_time parameters in the binlog2sql interface.
CVE-2022-38304 1 Online Leave Management System Project 1 Online Leave Management System 2024-11-21 N/A 7.2 HIGH
Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/manage_leave_type.php.
CVE-2022-38303 1 Online Leave Management System Project 1 Online Leave Management System 2024-11-21 N/A 7.2 HIGH
Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /employees/manage_leave_type.php.
CVE-2022-38302 1 Online Leave Management System Project 1 Online Leave Management System 2024-11-21 N/A 7.2 HIGH
Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/manage_department.php.
CVE-2022-38286 1 Jflyfox 1 Jfinal Cms 2024-11-21 N/A 7.2 HIGH
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/role/list.
CVE-2022-38285 1 Jflyfox 1 Jfinal Cms 2024-11-21 N/A 7.2 HIGH
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/menu/list.
CVE-2022-38284 1 Jflyfox 1 Jfinal Cms 2024-11-21 N/A 7.2 HIGH
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/department/list.
CVE-2022-38283 1 Jflyfox 1 Jfinal Cms 2024-11-21 N/A 7.2 HIGH
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/video/list.
CVE-2022-38282 1 Jflyfox 1 Jfinal Cms 2024-11-21 N/A 7.2 HIGH
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/videoalbum/list.
CVE-2022-38281 1 Jflyfox 1 Jfinal Cms 2024-11-21 N/A 7.2 HIGH
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/site/list.
CVE-2022-38280 1 Jflyfox 1 Jfinal Cms 2024-11-21 N/A 7.2 HIGH
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/image/list.
CVE-2022-38279 1 Jflyfox 1 Jfinal Cms 2024-11-21 N/A 7.2 HIGH
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/imagealbum/list.
CVE-2022-38278 1 Jflyfox 1 Jfinal Cms 2024-11-21 N/A 7.2 HIGH
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/friendlylink/list.
CVE-2022-38277 1 Jflyfox 1 Jfinal Cms 2024-11-21 N/A 7.2 HIGH
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/folderrollpicture/list.
CVE-2022-38276 1 Jflyfox 1 Jfinal Cms 2024-11-21 N/A 7.2 HIGH
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/foldernotice/list.
CVE-2022-38275 1 Jflyfox 1 Jfinal Cms 2024-11-21 N/A 7.2 HIGH
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/contact/list.