Total
15409 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-24265 | 1 Cuppacms | 1 Cuppacms | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/menu/ via the path=component/menu/&menu_filter=3 parameter. | |||||
CVE-2022-24264 | 1 Cuppacms | 1 Cuppacms | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/table_manager/ via the search_word parameter. | |||||
CVE-2022-24263 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter. | |||||
CVE-2022-24260 | 1 Voipmonitor | 1 Voipmonitor | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the Administrator level. | |||||
CVE-2022-24240 | 1 Aceware | 1 Aceweb Online Portal | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
ACEweb Online Portal 3.5.065 was discovered to contain a SQL injection vulnerability via the criteria parameter in showschedule.awp. | |||||
CVE-2022-24231 | 1 Simple Student Information System Project | 1 Simple Student Information System | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
Simple Student Information System v1.0 was discovered to contain a SQL injection vulnerability via add/Student. | |||||
CVE-2022-24226 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via the register function in func2.php. | |||||
CVE-2022-24223 | 1 Thedigitalcraft | 1 Atomcms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php. | |||||
CVE-2022-24222 | 1 Elitecms | 1 Elite Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_user.php. | |||||
CVE-2022-24221 | 1 Elitecms | 1 Elite Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions/functions.php. | |||||
CVE-2022-24220 | 1 Elitecms | 1 Elite Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_post.php. | |||||
CVE-2022-24219 | 1 Elitecms | 1 Elite Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_page.php. | |||||
CVE-2022-24206 | 1 Tongda2000 | 1 Tongda Office Anywhere | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in /mobile_seal/get_seal.php via the DEVICE_LIST parameter. | |||||
CVE-2022-24124 | 1 Casbin | 1 Casdoor | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
The query API in Casdoor before 1.13.1 has a SQL injection vulnerability related to the field and value parameters, as demonstrated by api/get-organizations. | |||||
CVE-2022-24121 | 2 Centos, Unifiedoffice | 2 Centos, Total Connect Now | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
SQL Injection vulnerability discovered in Unified Office Total Connect Now that would allow an attacker to extract sensitive information through a cookie parameter. | |||||
CVE-2022-23986 | 1 Phpuploader Project | 1 Phpuploader | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
SQL injection vulnerability in the phpUploader v1.2 and earlier allows a remote unauthenticated attacker to obtain the information in the database via unspecified vectors. | |||||
CVE-2022-23972 | 1 Asus | 2 Rt-ax56u, Rt-ax56u Firmware | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user input validation. An unauthenticated LAN attacker to inject arbitrary SQL code to read, modify and delete database. | |||||
CVE-2022-23911 | 1 Accesspressthemes | 1 Ap Custom Testimonial | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
The Testimonial WordPress Plugin WordPress plugin before 1.4.7 does not validate and escape the id parameter before using it in a SQL statement when retrieving a testimonial to edit, leading to a SQL Injection | |||||
CVE-2022-23902 | 1 Tongda2000 | 1 Tongda Office Anywhere | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in export_data.php via the d_name parameter. | |||||
CVE-2022-23899 | 1 Mingsoft | 1 Mcms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java. |