Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-44140 | 1 Jizhicms | 1 Jizhicms | 2022-11-28 | N/A | 8.8 HIGH |
| Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability via the /Member/memberedit.html component. | |||||
| CVE-2022-44120 | 1 Dedebiz | 1 Dedecmsv6 | 2022-11-28 | N/A | 9.8 CRITICAL |
| dedecmdv6 6.1.9 is vulnerable to SQL Injection. via sys_sql_query.php. | |||||
| CVE-2022-45278 | 1 Jizhicms | 1 Jizhicms | 2022-11-28 | N/A | 8.8 HIGH |
| Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability via the /index.php/admins/Fields/get_fields.html component. | |||||
| CVE-2022-36193 | 1 School Management System Project | 1 School Management System | 2022-11-28 | N/A | 9.8 CRITICAL |
| SQL injection in School Management System 1.0 allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries. | |||||
| CVE-2021-35284 | 1 Cms-php Project | 1 Cms-php | 2022-11-28 | N/A | 9.8 CRITICAL |
| SQL Injection vulnerability in function get_user in login_manager.php in rizalafani cms-php v1. | |||||
| CVE-2022-44278 | 1 Sanitization Management System Project | 1 Sanitization Management System | 2022-11-28 | N/A | 7.2 HIGH |
| Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=user/manage_user&id=. | |||||
| CVE-2022-44139 | 1 Apartment Visitors Management System Project | 1 Apartment Visitors Management System | 2022-11-26 | N/A | 9.8 CRITICAL |
| Apartment Visitor Management System v1.0 is vulnerable to SQL Injection via /avms/index.php. | |||||
| CVE-2022-37773 | 1 Maarch | 1 Maarch Rm | 2022-11-26 | N/A | 6.5 MEDIUM |
| An authenticated SQL Injection vulnerability in the statistics page (/statistics/retrieve) of Maarch RM 2.8, via the filter parameter, allows the complete disclosure of all databases. | |||||
| CVE-2022-42098 | 1 Klik-socialmediawebsite Project | 1 Klik-socialmediawebsite | 2022-11-23 | N/A | 8.8 HIGH |
| KLiK SocialMediaWebsite version v1.0.1 is vulnerable to SQL Injection via the profile.php. | |||||
| CVE-2022-45331 | 1 Aerocms Project | 1 Aerocms | 2022-11-23 | N/A | 7.5 HIGH |
| AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the p_id parameter at \post.php. This vulnerability allows attackers to access database information. | |||||
| CVE-2022-45330 | 1 Aerocms Project | 1 Aerocms | 2022-11-23 | N/A | 7.5 HIGH |
| AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Category parameter at \category.php. This vulnerability allows attackers to access database information. | |||||
| CVE-2022-45536 | 1 Aerocms Project | 1 Aerocms | 2022-11-23 | N/A | 4.9 MEDIUM |
| AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the id parameter at \admin\post_comments.php. This vulnerability allows attackers to access database information. | |||||
| CVE-2022-45535 | 1 Aerocms Project | 1 Aerocms | 2022-11-23 | N/A | 4.9 MEDIUM |
| AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the edit parameter at \admin\categories.php. This vulnerability allows attackers to access database information. | |||||
| CVE-2022-44785 | 1 Maggioli | 1 Appalti \& Contratti | 2022-11-23 | N/A | 9.8 CRITICAL |
| An issue was discovered in Appalti & Contratti 9.12.2. The target web applications are subject to multiple SQL Injection vulnerabilities, some of which executable even by unauthenticated users, as demonstrated by the GetListaEnti.do cfamm parameter. | |||||
| CVE-2022-45529 | 1 Aerocms Project | 1 Aerocms | 2022-11-23 | N/A | 4.9 MEDIUM |
| AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the post_category_id parameter at \admin\includes\edit_post.php. This vulnerability allows attackers to access database information. | |||||
| CVE-2022-4093 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2022-11-23 | N/A | 9.8 CRITICAL |
| SQL injection attacks can result in unauthorized access to sensitive data, such as passwords, credit card details, or personal user information. Many high-profile data breaches in recent years have been the result of SQL injection attacks, leading to reputational damage and regulatory fines. In some cases, an attacker can obtain a persistent backdoor into an organization's systems, leading to a long-term compromise that can go unnoticed for an extended period. This affect 16.0.1 and 16.0.2 only. 16.0.0 or lower, and 16.0.3 or higher are not affected | |||||
| CVE-2022-43709 | 1 Mybb | 1 Mybb | 2022-11-22 | N/A | 4.9 MEDIUM |
| MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings. | |||||
| CVE-2022-38148 | 1 Silverstripe | 1 Framework | 2022-11-22 | N/A | 8.8 HIGH |
| Silverstripe silverstripe/framework through 4.11 allows SQL Injection. | |||||
| CVE-2020-17506 | 1 Articatech | 1 Web Proxy | 2022-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php. | |||||
| CVE-2022-42497 | 1 Api2cart | 1 Api2cart Bridge Connector | 2022-11-21 | N/A | 9.8 CRITICAL |
| Arbitrary Code Execution vulnerability in Api2Cart Bridge Connector plugin <= 1.1.0 on WordPress. | |||||