Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-28813 | 1 Gavazziautomation | 3 Cpy Car Park Server, Uwp 3.0 Monitoring Gateway And Controller, Uwp 3.0 Monitoring Gateway And Controller Firmware | 2022-12-07 | N/A | 7.5 HIGH |
| In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of an SQL-injection to gain access to a volatile temporary database with the current states of the device. | |||||
| CVE-2022-45019 | 1 Slims | 1 Senayan Library Management System | 2022-12-06 | N/A | 7.5 HIGH |
| SLiMS 9 Bulian v9.5.0 was discovered to contain a SQL injection vulnerability via the keywords parameter. | |||||
| CVE-2022-44291 | 1 Webtareas Project | 1 Webtareas | 2022-12-06 | N/A | 9.8 CRITICAL |
| webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php. | |||||
| CVE-2022-44290 | 1 Webtareas Project | 1 Webtareas | 2022-12-06 | N/A | 9.8 CRITICAL |
| webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php. | |||||
| CVE-2022-30528 | 1 Isic.lk Project | 1 Isic.lk | 2022-12-05 | N/A | 9.8 CRITICAL |
| SQL Injection vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to execute arbitrary commands via the username parameter to /system/user/modules/mod_users/controller.php. | |||||
| CVE-2019-4032 | 1 Ibm | 1 Financial Transaction Manager | 2022-12-03 | 7.5 HIGH | 9.8 CRITICAL |
| IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-ForceID: 155998. | |||||
| CVE-2019-4012 | 1 Ibm | 2 Bigfix Webui Profile Management, Bigfix Webui Software Distribution | 2022-12-03 | 7.5 HIGH | 9.8 CRITICAL |
| IBM BigFix WebUI Profile Management 6 and Software Distribution 23 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 155886. | |||||
| CVE-2022-44277 | 1 Sanitization Management System Project | 1 Sanitization Management System | 2022-12-03 | N/A | 7.2 HIGH |
| Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/classes/Master.php?f=delete_product. | |||||
| CVE-2019-4224 | 1 Ibm | 1 Pureapplication System | 2022-12-03 | 6.5 MEDIUM | 8.8 HIGH |
| IBM PureApplication System 2.2.3.0 through 2.2.5.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 159240. | |||||
| CVE-2022-44345 | 1 Sanitization Management System Project | 1 Sanitization Management System | 2022-12-03 | N/A | 7.2 HIGH |
| Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=quotes/view_quote&id=. | |||||
| CVE-2022-44347 | 1 Sanitization Management System Project | 1 Sanitization Management System | 2022-12-03 | N/A | 7.2 HIGH |
| Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=inquiries/view_inquiry&id=. | |||||
| CVE-2022-44348 | 1 Sanitization Management System Project | 1 Sanitization Management System | 2022-12-03 | N/A | 7.2 HIGH |
| Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/orders/update_status.php?id=. | |||||
| CVE-2021-37823 | 1 Opencart | 1 Opencart | 2022-12-03 | N/A | 4.9 MEDIUM |
| OpenCart 3.0.3.7 allows users to obtain database information or read server files through SQL injection in the background. | |||||
| CVE-2022-2840 | 1 Zephyr Project Manager Project | 1 Zephyr Project Manager | 2022-12-03 | N/A | 9.8 CRITICAL |
| The Zephyr Project Manager WordPress plugin before 3.2.5 does not sanitise and escape various parameters before using them in SQL statements via various AJAX actions available to both unauthenticated and authenticated users, leading to SQL injections | |||||
| CVE-2022-43229 | 1 Simple Cold Storage Management System Project | 1 Simple Cold Storage Managment System | 2022-12-03 | N/A | 7.2 HIGH |
| Simple Cold Storage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /bookings/update_status.php. | |||||
| CVE-2021-24957 | 1 Advanced Page Visit Counter Project | 1 Advanced Page Visit Counter | 2022-12-02 | 6.5 MEDIUM | 8.8 HIGH |
| The Advanced Page Visit Counter WordPress plugin before 6.1.6 does not escape the artID parameter before using it in a SQL statement in the apvc_reset_count_art AJAX action, available to any authenticated user, leading to a SQL injection | |||||
| CVE-2019-4481 | 1 Ibm | 2 Emptoris Contract Management, Emptoris Spend Analysis | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| IBM Contract Management 10.1.0 through 10.1.3 and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 164064. | |||||
| CVE-2019-4483 | 1 Ibm | 2 Emptoris Contract Management, Emptoris Spend Analysis | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| IBM Contract Management 10.1.0 through 10.1.3 and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 164067. | |||||
| CVE-2022-45328 | 1 Church Management System Project | 1 Church Management System | 2022-12-01 | N/A | 7.2 HIGH |
| Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_members.php. | |||||
| CVE-2022-44399 | 1 Poultry Farm Management System Project | 1 Poultry Farm Management System | 2022-12-01 | N/A | 9.8 CRITICAL |
| Poultry Farm Management System v1.0 contains a SQL injection vulnerability via the del parameter at /Redcock-Farm/farm/category.php. | |||||