Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-89
Total 11593 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-38538 1 Archerydms 1 Archery 2022-11-21 N/A 9.8 CRITICAL
Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module.
CVE-2022-44378 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-21 N/A 7.2 HIGH
Automotive Shop Management System v1.0 is vulnerable to SQL via /asms/classes/Master.php?f=delete_mechanic.
CVE-2022-44379 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-21 N/A 7.2 HIGH
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_service.
CVE-2022-44003 1 Backclick 1 Backclick 2022-11-20 N/A 9.8 CRITICAL
An issue was discovered in BACKCLICK Professional 5.9.63. Due to insufficient escaping of user-supplied input, the application is vulnerable to SQL injection at various locations.
CVE-2022-44415 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-20 N/A 7.2 HIGH
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/mechanics/view_mechanic.php?id=.
CVE-2022-44414 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-20 N/A 7.2 HIGH
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/services/manage_service.php?id=.
CVE-2022-44413 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-20 N/A 7.2 HIGH
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/mechanics/manage_mechanic.php?id=.
CVE-2022-44820 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-20 N/A 7.2 HIGH
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/?page=transactions/manage_transaction&id=.
CVE-2022-43179 1 Online Leave Management System Project 1 Online Leave Management System 2022-11-18 N/A 7.2 HIGH
Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /admin/?page=user/manage_user&id=.
CVE-2022-43163 1 Online Diagnostic Lab Management System Project 1 Online Diagnostic Lab Management System 2022-11-18 N/A 7.2 HIGH
Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /clients/view_client.php.
CVE-2022-43162 1 Online Diagnostic Lab Management System Project 1 Online Diagnostic Lab Management System 2022-11-18 N/A 7.2 HIGH
Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tests/view_test.php.
CVE-2022-44403 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-18 N/A 7.2 HIGH
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/?page=user/manage_user&id=.
CVE-2022-44402 1 Automotive Shop Management System Project 1 Automotive Shop Management System 2022-11-18 N/A 7.2 HIGH
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_transaction.
CVE-2022-43135 1 Online Diagnostic Lab Management System Project 1 Online Diagnostic Lab Management System 2022-11-18 N/A 9.8 CRITICAL
Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at /diagnostic/login.php.
CVE-2021-38819 1 Simple Image Gallery Web App Project 1 Simple Image Gallery Web App 2022-11-17 N/A 8.8 HIGH
A SQL injection vulnerability exits on the Simple Image Gallery System 1.0 application through "id" parameter on the album page.
CVE-2022-0224 1 Dolibarr 1 Dolibarr Erp\/crm 2022-11-17 7.5 HIGH 9.8 CRITICAL
dolibarr is vulnerable to Improper Neutralization of Special Elements used in an SQL Command
CVE-2017-17899 1 Dolibarr 1 Dolibarr Erp\/crm 2022-11-17 7.5 HIGH 9.8 CRITICAL
SQL injection vulnerability in adherents/subscription/info.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the rowid parameter.
CVE-2013-2091 1 Dolibarr 1 Dolibarr Erp\/crm 2022-11-17 7.5 HIGH 9.8 CRITICAL
SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute arbitrary SQL commands via the 'pays' parameter in fiche.php.
CVE-2018-19994 1 Dolibarr 1 Dolibarr Erp\/crm 2022-11-17 6.5 MEDIUM 8.8 HIGH
An error-based SQL injection vulnerability in product/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the desiredstock parameter.
CVE-2018-13447 1 Dolibarr 1 Dolibarr Erp\/crm 2022-11-17 7.5 HIGH 9.8 CRITICAL
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut parameter.