Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-44580 | 1 Richplugins | 1 Plugin For Google Reviews | 2023-11-07 | N/A | 8.8 HIGH |
| SQL Injection (SQLi) vulnerability in RichPlugins Plugin for Google Reviews plugin <= 2.2.3 versions. | |||||
| CVE-2022-45355 | 1 Thimpress | 1 Wp Pipes | 2023-11-07 | N/A | 7.2 HIGH |
| Auth. (admin+) SQL Injection (SQLi) vulnerability in ThimPress WP Pipes plugin <= 1.33 versions. | |||||
| CVE-2022-45808 | 1 Thimpress | 1 Learnpress | 2023-11-07 | N/A | 9.8 CRITICAL |
| SQL Injection vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions. | |||||
| CVE-2022-45820 | 1 Thimpress | 1 Learnpress | 2023-11-07 | N/A | 8.8 HIGH |
| SQL Injection (SQLi) vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions. | |||||
| CVE-2022-43859 | 1 Ibm | 1 I | 2023-11-07 | N/A | 4.3 MEDIUM |
| IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information for an object they are authorized to but not while using this interface. By performing a UNION based SQL injection an attacker could see file permissions through this interface. IBM X-Force ID: 239304. | |||||
| CVE-2022-44588 | 1 Blocksera | 1 Cryptocurrency Widgets Pack | 2023-11-07 | N/A | 9.8 CRITICAL |
| Unauth. SQL Injection vulnerability in Cryptocurrency Widgets Pack Plugin <=1.8.1 on WordPress. | |||||
| CVE-2022-43860 | 1 Ibm | 1 I | 2023-11-07 | N/A | 4.3 MEDIUM |
| IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information they are authorized to but not while using this interface. By performing an SQL injection an attacker could see user profile attributes through this interface. IBM X-Force ID: 239305. | |||||
| CVE-2022-43462 | 1 Ip Blacklist Cloud Project | 1 Ip Blacklist Cloud | 2023-11-07 | N/A | 7.2 HIGH |
| Auth. SQL Injection (SQLi) vulnerability in Adeel Ahmed's IP Blacklist Cloud plugin <= 5.00 versions. | |||||
| CVE-2022-3947 | 1 Eolink | 1 Goku Lite | 2023-11-07 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in eolinker goku_lite. This affects an unknown part of the file /balance/service/list. The manipulation of the argument route/keyword leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213453 was assigned to this vulnerability. | |||||
| CVE-2022-40615 | 2 Ibm, Linux | 2 Sterling Partner Engagement Manager, Linux Kernel | 2023-11-07 | N/A | 9.8 CRITICAL |
| IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 236208. | |||||
| CVE-2022-3955 | 1 Crm42 Project | 1 Crm42 | 2023-11-07 | N/A | 9.8 CRITICAL |
| A vulnerability was found in tholum crm42. It has been rated as critical. This issue affects some unknown processing of the file crm42\class\class.user.php of the component Login. The manipulation of the argument user_name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213461 was assigned to this vulnerability. | |||||
| CVE-2022-3956 | 1 Hhims Project | 1 Hhims | 2023-11-07 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in tsruban HHIMS 2.1. Affected is an unknown function of the component Patient Portrait Handler. The manipulation of the argument PID leads to sql injection. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. VDB-213462 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-41731 | 2 Ibm, Redhat | 2 Watson Knowledge Catalog On Cloud Pak For Data, Openshift | 2023-11-07 | N/A | 9.8 CRITICAL |
| IBM Watson Knowledge Catalog on Cloud Pak for Data 4.5.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 237402. | |||||
| CVE-2022-3948 | 1 Eolink | 1 Goku Lite | 2023-11-07 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical was found in eolinker goku_lite. This vulnerability affects unknown code of the file /plugin/getList. The manipulation of the argument route/keyword leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-213454 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-3495 | 1 Simple Online Public Access Catalog Project | 1 Simple Online Public Access Catalog | 2023-11-07 | N/A | 7.2 HIGH |
| A vulnerability has been found in SourceCodester Simple Online Public Access Catalog 1.0 and classified as critical. This vulnerability affects unknown code of the file /opac/Actions.php?a=login of the component Admin Login. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-210784. | |||||
| CVE-2022-3800 | 1 Ibax | 1 Go-ibax | 2023-11-07 | N/A | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in IBAX go-ibax. Affected by this issue is some unknown functionality of the file /api/v2/open/rowsInfo. The manipulation of the argument table_name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212636. | |||||
| CVE-2022-3732 | 1 Ehoney Project | 1 Ehoney | 2023-11-07 | N/A | 9.8 CRITICAL |
| A vulnerability was found in seccome Ehoney and classified as critical. Affected by this issue is some unknown functionality of the file /api/v1/bait/set. The manipulation of the argument Payload leads to sql injection. The attack may be launched remotely. VDB-212414 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-3583 | 1 Canteen Management System Project | 1 Canteen Management System | 2023-11-07 | N/A | 9.8 CRITICAL |
| A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument business leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-211192. | |||||
| CVE-2022-3504 | 1 Sanitization Management System Project | 1 Sanitization Management System | 2023-11-07 | N/A | 9.8 CRITICAL |
| A vulnerability was found in SourceCodester Sanitization Management System and classified as critical. This issue affects some unknown processing of the file /php-sms/?p=services/view_service. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-210839. | |||||
| CVE-2022-3799 | 1 Ibax | 1 Go-ibax | 2023-11-07 | N/A | 8.8 HIGH |
| A vulnerability classified as critical was found in IBAX go-ibax. Affected by this vulnerability is an unknown functionality of the file /api/v2/open/tablesInfo. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212635. | |||||