Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-33048 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2022-06-28 | 6.5 MEDIUM | 7.2 HIGH |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/reservations/view_details.php. | |||||
| CVE-2022-33049 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2022-06-28 | 6.5 MEDIUM | 7.2 HIGH |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/?page=user/manage_user. | |||||
| CVE-2017-20067 | 1 Hindu Matrimonial Script Project | 1 Hindu Matrimonial Script | 2022-06-28 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability was found in Hindu Matrimonial Script. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-33056 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2022-06-28 | 6.5 MEDIUM | 7.2 HIGH |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/schedules/manage_schedule.php. | |||||
| CVE-2022-33055 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2022-06-28 | 6.5 MEDIUM | 7.2 HIGH |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/trains/manage_train.php. | |||||
| CVE-2022-1905 | 1 E-dynamics | 1 Events Made Easy | 2022-06-28 | 7.5 HIGH | 9.8 CRITICAL |
| The Events Made Easy WordPress plugin before 2.2.81 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection | |||||
| CVE-2019-12359 | 1 Zzcms | 1 Zzcms | 2022-06-28 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/ztliuyan_sendmail.php (when the attacker has admin authority) via the id parameter. | |||||
| CVE-2019-12358 | 1 Zzcms | 1 Zzcms | 2022-06-28 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendsms.php (when the attacker has dls_print authority) via a dlid cookie. | |||||
| CVE-2019-12357 | 1 Zzcms | 1 Zzcms | 2022-06-28 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/deluser.php (when the attacker has admin authority) via the id parameter. | |||||
| CVE-2019-12355 | 1 Zzcms | 1 Zzcms | 2022-06-28 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_print.php (when the attacker has dls_print authority) via the id parameter. | |||||
| CVE-2019-12356 | 1 Zzcms | 1 Zzcms | 2022-06-28 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dls_download.php (when the attacker has dls_download authority) via the id parameter. | |||||
| CVE-2019-12354 | 1 Zzcms | 1 Zzcms | 2022-06-28 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/showbad.php (when the attacker has admin authority) via the id parameter. | |||||
| CVE-2019-12353 | 1 Zzcms | 1 Zzcms | 2022-06-28 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /admin/dl_sendmail.php (when the attacker has admin authority) via the id parameter. | |||||
| CVE-2022-31941 | 1 Rescue Dispatch Management System Project | 1 Rescue Dispatch Management System | 2022-06-28 | 7.5 HIGH | 9.8 CRITICAL |
| Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via \rdms\admin?page=user\manage_user&id=. | |||||
| CVE-2022-31355 | 1 Online Ordering System Project | 1 Online Ordering System | 2022-06-27 | 7.5 HIGH | 9.8 CRITICAL |
| Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/index.php?q=category&search=. | |||||
| CVE-2022-31356 | 1 Online Ordering System Project | 1 Online Ordering System | 2022-06-27 | 7.5 HIGH | 9.8 CRITICAL |
| Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/store/index.php?view=edit&id=. | |||||
| CVE-2022-31357 | 1 Online Ordering System Project | 1 Online Ordering System | 2022-06-27 | 7.5 HIGH | 9.8 CRITICAL |
| Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/inventory/index.php?view=edit&id=. | |||||
| CVE-2022-31296 | 1 Online Discussion Forum Project | 1 Online Discussion Forum | 2022-06-27 | 7.5 HIGH | 9.8 CRITICAL |
| Online Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via the component /odfs/posts/view_post.php. | |||||
| CVE-2021-41408 | 1 Voipmonitor | 1 Voipmonitor | 2022-06-27 | 7.5 HIGH | 9.8 CRITICAL |
| VoIPmonitor WEB GUI up to version 24.61 is affected by SQL injection through the "api.php" file and "user" parameter. | |||||
| CVE-2019-12352 | 1 Zzcms | 1 Zzcms | 2022-06-27 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /dl/dl_sendmail.php (when the attacker has dls_print authority) via a dlid cookie. | |||||