Total: 11593 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-38537 | 1 Archerydms | 1 Archery | 2022-11-08 | N/A | 9.8 CRITICAL |
| Archery v1.4.5 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_file, end_file, start_time, and stop_time parameters in the binlog2sql interface. | |||||
| CVE-2022-38541 | 1 Archerydms | 1 Archery | 2022-11-07 | N/A | 9.8 CRITICAL |
| Archery v1.8.3 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_time and stop_time parameters in the my2sql interface. | |||||
| CVE-2022-42744 | 1 Auieo | 1 Candidats | 2022-11-05 | N/A | 9.8 CRITICAL |
| CandidATS version 3.0.0 allows an external attacker to perform CRUD operations on the application databases. This is possible because the application does not correctly validate the entriesPerPage parameter against SQLi attacks. | |||||
| CVE-2022-43063 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-11-04 | N/A | 7.2 HIGH |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Users.php?f=delete_client. | |||||
| CVE-2022-43062 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-11-04 | N/A | 7.2 HIGH |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_appointment. | |||||
| CVE-2020-22819 | 1 Mkcms Project | 1 Mkcms | 2022-11-03 | N/A | 9.8 CRITICAL |
| MKCMS V6.2 has SQL injection via the /ucenter/active.php verify parameter. | |||||
| CVE-2020-22820 | 1 Mkcms Project | 1 Mkcms | 2022-11-03 | N/A | 9.8 CRITICAL |
| MKCMS V6.2 has SQL injection via the /ucenter/repass.php name parameter. | |||||
| CVE-2020-22818 | 1 Mkcms Project | 1 Mkcms | 2022-11-03 | N/A | 9.8 CRITICAL |
| MKCMS V6.2 has SQL injection via /ucenter/reg.php name parameter. | |||||
| CVE-2022-39323 | 1 Glpi-project | 1 Glpi | 2022-11-03 | N/A | 9.8 CRITICAL |
| GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Time based attack using a SQL injection in api REST user_token. This issue has been patched, please upgrade to version 10.0.4. As a workaround, disable login with user_token on API Rest. | |||||
| CVE-2022-43066 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-11-03 | N/A | 7.2 HIGH |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms/classes/Master.php?f=delete_message. | |||||
| CVE-2022-43227 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-11-03 | N/A | 7.2 HIGH |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms/admin/?page=appointments/view_appointment. | |||||
| CVE-2022-43226 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-11-03 | N/A | 8.8 HIGH |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms/?page=appointments/view_appointment. | |||||
| CVE-2022-41551 | 1 Garage Management System Project | 1 Garage Management System | 2022-11-03 | N/A | 7.2 HIGH |
| Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /garage/editorder.php. | |||||
| CVE-2022-43068 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-11-03 | N/A | 7.2 HIGH |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_reservation. | |||||
| CVE-2022-43362 | 1 Slims | 1 Senayan Library Management System | 2022-11-02 | N/A | 7.2 HIGH |
| Senayan Library Management System v9.4.2 was discovered to contain a SQL injection vulnerability via the collType parameter at loan_by_class.php. | |||||
| CVE-2022-43081 | 1 Fast Food Ordering System Project | 1 Fast Food Ordering System | 2022-11-02 | N/A | 7.5 HIGH |
| Fast Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the component /fastfood/purchase.php. | |||||
| CVE-2022-43127 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-11-01 | N/A | 7.2 HIGH |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /appointments/update_status.php. | |||||
| CVE-2022-43126 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-11-01 | N/A | 7.2 HIGH |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/tests/manage_test.php. | |||||
| CVE-2022-43125 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-11-01 | N/A | 7.2 HIGH |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /appointments/manage_appointment.php. | |||||
| CVE-2022-43124 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-11-01 | N/A | 7.2 HIGH |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=user/manage_user. | |||||
