Total
15483 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-36675 | 1 Simple Task Scheduling System Project | 1 Simple Task Scheduling System | 2024-11-21 | N/A | 7.2 HIGH |
Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /schedules/manage_schedule.php. | |||||
CVE-2022-36674 | 1 Simple Task Scheduling System Project | 1 Simple Task Scheduling System | 2024-11-21 | N/A | 7.2 HIGH |
Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /schedules/view_schedule.php. | |||||
CVE-2022-36669 | 1 Hospital Information System Project | 1 Hospital Information System | 2024-11-21 | N/A | 9.8 CRITICAL |
Hospital Information System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. | |||||
CVE-2022-36636 | 1 Garage Management System Project | 1 Garage Management System | 2024-11-21 | N/A | 8.8 HIGH |
Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /print.php. | |||||
CVE-2022-36635 | 1 Zkteco | 1 Zkbiosecurity V5000 | 2024-11-21 | N/A | 8.8 HIGH |
ZKteco ZKBioSecurity V5000 4.1.3 was discovered to contain a SQL injection vulnerability via the component /baseOpLog.do. | |||||
CVE-2022-36609 | 1 Oretnom23 | 1 Clinic\'s Patient Management System | 2024-11-21 | N/A | 9.8 CRITICAL |
Clinic's Patient Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pms/update_patient.php. | |||||
CVE-2022-36606 | 1 Yimihome | 1 Ywoa | 2024-11-21 | N/A | 9.8 CRITICAL |
Ywoa before v6.1 was discovered to contain a SQL injection vulnerability via /oa/setup/checkPool?database. | |||||
CVE-2022-36605 | 1 Yimihome | 1 Ywoa | 2024-11-21 | N/A | 9.8 CRITICAL |
Yimioa v6.1 was discovered to contain a SQL injection vulnerability via the orderbyGET parameter. | |||||
CVE-2022-36599 | 1 Mingsoft | 1 Mcms | 2024-11-21 | N/A | 9.8 CRITICAL |
Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/model/delete URI via models Lists. | |||||
CVE-2022-36594 | 1 Mybatis | 1 Mapper | 2024-11-21 | N/A | 9.8 CRITICAL |
Mapper v4.0.0 to v4.2.0 was discovered to contain a SQL injection vulnerability via the ids parameter at the selectByIds function. | |||||
CVE-2022-36581 | 1 Online Ordering System Project | 1 Online Ordering System | 2024-11-21 | N/A | 7.5 HIGH |
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via the user_email parameter at /admin/login.php. | |||||
CVE-2022-36578 | 1 Jizhicms | 1 Jizhicms | 2024-11-21 | N/A | 9.8 CRITICAL |
jizhicms v2.3.1 has SQL injection in the background. | |||||
CVE-2022-36545 | 1 Edoc-doctor-appointment-system Project | 1 Edoc-doctor-appointment-system | 2024-11-21 | N/A | 9.8 CRITICAL |
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/settings.php. | |||||
CVE-2022-36544 | 1 Edoc-doctor-appointment-system Project | 1 Edoc-doctor-appointment-system | 2024-11-21 | N/A | 9.8 CRITICAL |
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/booking.php. | |||||
CVE-2022-36543 | 1 Edoc-doctor-appointment-system Project | 1 Edoc-doctor-appointment-system | 2024-11-21 | N/A | 9.8 CRITICAL |
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/doctors.php. | |||||
CVE-2022-36529 | 1 Kensite Cms Project | 1 Kensite Cms | 2024-11-21 | N/A | 8.8 HIGH |
Kensite CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities via the name and oldname parameters at /framework/mod/db/DBMapper.xml. | |||||
CVE-2022-36394 | 1 Contest-gallery | 1 Contest Gallery | 2024-11-21 | N/A | 7.6 HIGH |
Authenticated (author+) SQL Injection (SQLi) vulnerability in Contest Gallery plugin <= 17.0.4 at WordPress. | |||||
CVE-2022-36276 | 1 Tcman | 1 Gim | 2024-11-21 | N/A | 9.9 CRITICAL |
TCMAN GIM v8.0.1 is vulnerable to a SQL injection via the 'SqlWhere' parameter inside the function 'BuscarESM'. The exploitation of this vulnerability might allow a remote attacker to directly interact with the database. | |||||
CVE-2022-36272 | 1 Mingsoft | 1 Mcms | 2024-11-21 | N/A | 9.8 CRITICAL |
Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter. | |||||
CVE-2022-36259 | 1 Inventorymanagementsystem Project | 1 Inventorymanagementsystem | 2024-11-21 | N/A | 7.5 HIGH |
A SQL injection vulnerability in ConnectionFactory.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "username", "password", etc. |