Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-27927 | 1 Microfinance Management System Project | 1 Microfinance Management System | 2022-09-09 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable course_code and/or customer_number parameter. | |||||
| CVE-2022-37185 | 1 Ems Project | 1 Ems | 2022-09-09 | N/A | 7.5 HIGH |
| SQL injection vulnerability exists in the school information query interface (repschoolproj.php) of the EMS 6.2 system of the Office of the Thai Basic Education Commission, which can lead to data leakage. | |||||
| CVE-2022-29058 | 1 Fortinet | 4 Fortiap, Fortiap-s, Fortiap-u and 1 more | 2022-09-09 | N/A | 7.8 HIGH |
| An improper neutralization of special elements [CWE-89] used in an OS command vulnerability [CWE-78] in the command line interpreter of FortiAP 6.0.0 through 6.4.7, 7.0.0 through 7.0.3, 7.2.0, FortiAP-S 6.0.0 through 6.4.7, FortiAP-W2 6.0.0 through 6.4.7, 7.0.0 through 7.0.3, 7.2.0 and FortiAP-U 5.4.0 through 6.2.3 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands. | |||||
| CVE-2022-38250 | 1 Nagios | 1 Nagios Xi | 2022-09-09 | N/A | 9.8 CRITICAL |
| Nagios XI v5.8.6 was discovered to contain a SQL injection vulnerability via the mib_name parameter at the Manage MIBs page. | |||||
| CVE-2022-38255 | 1 Interview Management System Project | 1 Interview Management System | 2022-09-09 | N/A | 7.2 HIGH |
| Interview Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /interview/editQuestion.php. | |||||
| CVE-2022-38260 | 1 Interview Management System Project | 1 Interview Management System | 2022-09-09 | N/A | 7.2 HIGH |
| Interview Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /interview/delete.php?action=questiondelete&id=. | |||||
| CVE-2022-3118 | 1 Erp System Project Project | 1 Erp System Project | 2022-09-09 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Sourcecodehero ERP System Project. It has been rated as critical. This issue affects some unknown processing of the file /pages/processlogin.php. The manipulation of the argument user leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-207845 was assigned to this vulnerability. | |||||
| CVE-2022-38812 | 1 Aerocms Project | 1 Aerocms | 2022-09-07 | N/A | 6.5 MEDIUM |
| AeroCMS 0.1.1 is vulnerable to SQL Injection via the author parameter. | |||||
| CVE-2022-36581 | 1 Online Ordering System Project | 1 Online Ordering System | 2022-09-02 | N/A | 7.5 HIGH |
| Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via the user_email parameter at /admin/login.php. | |||||
| CVE-2022-36636 | 1 Garage Management System Project | 1 Garage Management System | 2022-09-02 | N/A | 8.8 HIGH |
| Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /print.php. | |||||
| CVE-2022-36594 | 1 Mybatis | 1 Mapper | 2022-09-02 | N/A | 9.8 CRITICAL |
| Mapper v4.0.0 to v4.2.0 was discovered to contain a SQL injection vulnerability via the ids parameter at the selectByIds function. | |||||
| CVE-2022-36676 | 1 Simple Task Scheduling System Project | 1 Simple Task Scheduling System | 2022-09-02 | N/A | 7.2 HIGH |
| Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/view_category.php. | |||||
| CVE-2022-36675 | 1 Simple Task Scheduling System Project | 1 Simple Task Scheduling System | 2022-09-02 | N/A | 7.2 HIGH |
| Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /schedules/manage_schedule.php. | |||||
| CVE-2022-36674 | 1 Simple Task Scheduling System Project | 1 Simple Task Scheduling System | 2022-09-02 | N/A | 7.2 HIGH |
| Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /schedules/view_schedule.php. | |||||
| CVE-2020-35846 | 1 Agentejo | 1 Cockpit | 2022-09-02 | 7.5 HIGH | 9.8 CRITICAL |
| Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function. | |||||
| CVE-2022-36704 | 1 Library Management System Project | 1 Library Management System | 2022-09-01 | N/A | 8.8 HIGH |
| Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Id parameter at /librarian/studentdetails.php. | |||||
| CVE-2022-36705 | 1 Ingredients Stock Management System Project | 1 Ingredients Stock Management System | 2022-09-01 | N/A | 9.8 CRITICAL |
| Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the Id parameter at /stocks/manage_waste.php. | |||||
| CVE-2022-36708 | 1 Library Management System Project | 1 Library Management System | 2022-09-01 | N/A | 9.8 CRITICAL |
| Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Id parameter at /student/bookdetails.php. | |||||
| CVE-2022-36706 | 1 Ingredients Stock Management System Project | 1 Ingredients Stock Management System | 2022-09-01 | N/A | 9.8 CRITICAL |
| Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the Id parameter at /stocks/manage_stockout.php. | |||||
| CVE-2022-36733 | 1 Library Management System Project | 1 Library Management System | 2022-09-01 | N/A | 9.8 CRITICAL |
| Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the M_Id parameter at /admin/del.php. | |||||