Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-1731 | 1 Allgeier | 1 Metasonic Doc Webclient | 2022-05-25 | 6.8 MEDIUM | 9.8 CRITICAL |
| Metasonic Doc WebClient 7.0.14.0 / 7.0.12.0 / 7.0.3.0 is vulnerable to a SQL injection attack in the username field. SSO or System authentication are required to be enabled for vulnerable conditions to exist. | |||||
| CVE-2022-0867 | 1 Reputeinfosystems | 1 Pricing Table | 2022-05-24 | 7.5 HIGH | 9.8 CRITICAL |
| The Pricing Table WordPress plugin before 3.6.1 fails to properly sanitize and escape user supplied POST data before it is being interpolated in an SQL statement and then executed via an AJAX action available to unauthenticated users | |||||
| CVE-2022-30765 | 1 Calibre-web Project | 1 Calibre-web | 2022-05-24 | 7.5 HIGH | 9.8 CRITICAL |
| Calibre-Web before 0.6.18 allows user table SQL Injection. | |||||
| CVE-2022-28930 | 1 Erp-pro Project | 1 Erp-pro | 2022-05-24 | 7.5 HIGH | 9.8 CRITICAL |
| ERP-Pro v3.7.5 was discovered to contain a SQL injection vulnerability via the component /base/SysEveMenuAuthPointMapper.xml.. | |||||
| CVE-2022-30012 | 1 Hospital Management System Project | 1 Hospital Management System | 2022-05-24 | 5.0 MEDIUM | 7.5 HIGH |
| In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection. | |||||
| CVE-2022-24831 | 1 Openclinica | 1 Openclinica | 2022-05-24 | 7.5 HIGH | 9.8 CRITICAL |
| OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). Versions prior to 3.16.1 are vulnerable to SQL injection due to the use of string concatenation to create SQL queries instead of prepared statements. No known workarounds exist. This issue has been patched in 3.16.1, 3.15.9, 3.14.1, and 3.13.1 and users are advised to upgrade. | |||||
| CVE-2022-29383 | 1 Netgear | 2 Ssl312, Ssl312 Firmware | 2022-05-24 | 7.5 HIGH | 9.8 CRITICAL |
| NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi. | |||||
| CVE-2021-41965 | 1 Churchcrm | 1 Churchcrm | 2022-05-23 | 6.5 MEDIUM | 8.8 HIGH |
| A SQL injection vulnerability exists in ChurchCRM version 2.0.0 to 4.4.5 that allows an authenticated attacker to issue an arbitrary SQL command to the database through the unsanitized EN_tyid, theID and EID fields used when an Edit action on an existing record is being performed. | |||||
| CVE-2022-28929 | 1 Hospital Management System Project | 1 Hospital Management System | 2022-05-23 | 7.5 HIGH | 9.8 CRITICAL |
| Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the delid parameter at viewtreatmentrecord.php. | |||||
| CVE-2022-30413 | 1 Covid 19 Travel Pass Management System Project | 1 Covid 19 Travel Pass Management System | 2022-05-23 | 7.5 HIGH | 9.8 CRITICAL |
| Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master.php?f=delete_application. | |||||
| CVE-2022-30412 | 1 Covid 19 Travel Pass Management System Project | 1 Covid 19 Travel Pass Management System | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/individuals/update_status.php?id=. | |||||
| CVE-2022-30411 | 1 Covid 19 Travel Pass Management System Project | 1 Covid 19 Travel Pass Management System | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=individuals/view_individual&id=. | |||||
| CVE-2022-30414 | 1 Covid 19 Travel Pass Management System Project | 1 Covid 19 Travel Pass Management System | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=applications/view_application&id=. | |||||
| CVE-2022-30417 | 1 Covid 19 Travel Pass Management System Project | 1 Covid 19 Travel Pass Management System | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via ctpms/admin/?page=user/manage_user&id=. | |||||
| CVE-2022-30415 | 1 Covid 19 Travel Pass Management System Project | 1 Covid 19 Travel Pass Management System | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/applications/update_status.php?id=. | |||||
| CVE-2022-30403 | 1 Merchandise Online Store Product | 1 Merchandise Online Store | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=products&c=. | |||||
| CVE-2022-30404 | 1 College Management System Project | 1 College Management System | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| College Management System v1.0 is vulnerable to SQL Injection via /College_Management_System/admin/display-teacher.php?teacher_id=. | |||||
| CVE-2022-30407 | 1 Pharmacy Sales And Inventory System Project | 1 Pharmacy Sales And Inventory System | 2022-05-23 | 7.5 HIGH | 9.8 CRITICAL |
| Pharmacy Sales And Inventory System v1.0 is vulnerable to SQL Injection via /pharmacy-sales-and-inventory-system/manage_user.php?id=. | |||||
| CVE-2022-30401 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=view_product&id=. | |||||
| CVE-2022-30400 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/orders/view_order.php?view=user&id=. | |||||