Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-46952 | 1 Dynamic Transaction Queuing System Project | 1 Dynamic Transaction Queuing System | 2023-01-20 | N/A | 7.2 HIGH |
| Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=delete_user. | |||||
| CVE-2022-46953 | 1 Dynamic Transaction Queuing System Project | 1 Dynamic Transaction Queuing System | 2023-01-20 | N/A | 7.2 HIGH |
| Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=save_window. | |||||
| CVE-2022-46954 | 1 Dynamic Transaction Queuing System Project | 1 Dynamic Transaction Queuing System | 2023-01-20 | N/A | 9.8 CRITICAL |
| Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=delete_transaction. | |||||
| CVE-2022-46955 | 1 Dynamic Transaction Queuing System Project | 1 Dynamic Transaction Queuing System | 2023-01-20 | N/A | 9.8 CRITICAL |
| Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=save_queue. | |||||
| CVE-2022-46956 | 1 Dynamic Transaction Queuing System Project | 1 Dynamic Transaction Queuing System | 2023-01-20 | N/A | 7.2 HIGH |
| Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/manage_user.php. | |||||
| CVE-2018-16850 | 3 Canonical, Postgresql, Redhat | 3 Ubuntu Linux, Postgresql, Enterprise Linux | 2023-01-19 | 7.5 HIGH | 9.8 CRITICAL |
| postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges. | |||||
| CVE-2023-0016 | 1 Sap | 1 Business Planning And Consolidation | 2023-01-18 | N/A | 8.8 HIGH |
| SAP BPC MS 10.0 - version 810, allows an unauthorized attacker to execute crafted database queries. The exploitation of this issue could lead to SQL injection vulnerability and could allow an attacker to access, modify, and/or delete data from the backend database. | |||||
| CVE-2023-22959 | 1 Webchess Project | 1 Webchess | 2023-01-18 | N/A | 8.8 HIGH |
| WebChess through 0.9.0 and 1.0.0.rc2 allows SQL injection: mainmenu.php, chess.php, and opponentspassword.php (txtFirstName, txtLastName). | |||||
| CVE-2022-45165 | 1 Archibus | 1 Web Central | 2023-01-18 | N/A | 8.8 HIGH |
| An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application accepts a user-controlled parameter that is used to create an SQL query. It causes this service to be prone to SQL injection. | |||||
| CVE-2022-47864 | 1 Lead Management System Project | 1 Lead Management System | 2023-01-13 | N/A | 9.8 CRITICAL |
| Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeCategories.php. | |||||
| CVE-2022-47862 | 1 Lead Management System Project | 1 Lead Management System | 2023-01-13 | N/A | 9.8 CRITICAL |
| Lead Management System v1.0 is vulnerable to SQL Injection via the customer_id parameter in ajax_represent.php. | |||||
| CVE-2022-47861 | 1 Lead Management System Project | 1 Lead Management System | 2023-01-13 | N/A | 9.8 CRITICAL |
| Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeLead.php. | |||||
| CVE-2022-47860 | 1 Lead Management System Project | 1 Lead Management System | 2023-01-13 | N/A | 9.8 CRITICAL |
| Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeProduct.php. | |||||
| CVE-2022-47859 | 1 Lead Management System Project | 1 Lead Management System | 2023-01-13 | N/A | 9.8 CRITICAL |
| Lead Management System v1.0 is vulnerable to SQL Injection via the user_id parameter in changePassword.php. | |||||
| CVE-2022-47866 | 1 Lead Management System Project | 1 Lead Management System | 2023-01-13 | N/A | 9.8 CRITICAL |
| Lead management system v1.0 is vulnerable to SQL Injection via the id parameter in removeBrand.php. | |||||
| CVE-2022-47865 | 1 Lead Management System Project | 1 Lead Management System | 2023-01-13 | N/A | 9.8 CRITICAL |
| Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeOrder.php. | |||||
| CVE-2022-47790 | 1 Dynamic Transaction Queuing System Project | 1 Dynamic Transaction Queuing System | 2023-01-12 | N/A | 9.8 CRITICAL |
| Sourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL Injection via /queuing/index.php?page=display&id=. | |||||
| CVE-2022-40049 | 1 Theme Park Ticketing System Project | 1 Theme Park Ticketing System | 2023-01-11 | N/A | 7.5 HIGH |
| SQL injection vulnerability in sourcecodester Theme Park Ticketing System 1.0 allows remote attackers to view sensitive information via the id parameter to the /tpts/manage_user.php page. | |||||
| CVE-2022-47523 | 1 Zohocorp | 3 Manageengine Access Manager Plus, Manageengine Pam360, Manageengine Password Manager Pro | 2023-01-11 | N/A | 9.8 CRITICAL |
| Zoho ManageEngine Access Manager Plus before 4309, Password Manager Pro before 12210, and PAM360 before 5801 are vulnerable to SQL Injection. | |||||
| CVE-2022-38627 | 1 Niceforyou | 2 Linear Emerge E3 Access Control, Linear Emerge E3 Access Control Firmware | 2023-01-10 | N/A | 9.8 CRITICAL |
| Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a SQL injection vulnerability via the idt parameter. | |||||