Total
14188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-20017 | 1 Tngsitebuilding | 1 The Next Generation Of Genealogy Sitebuilding | 2022-06-14 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in The Next Generation of Genealogy Sitebuilding up to 11.1.0. This issue affects some unknown processing of the file /timeline2.php. The manipulation of the argument primaryID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.1.1 is able to address this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2022-30927 | 1 Simple Task Scheduling System Project | 1 Simple Task Scheduling System | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL injection vulnerability exists in Simple Task Scheduling System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable "id" parameter. | |||||
| CVE-2020-36538 | 1 Etan | 1 Etan Cms | 2022-06-14 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability was found in Eatan CMS. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The attack can be launched remotely. | |||||
| CVE-2022-30469 | 1 Afian | 1 Filerun | 2022-06-14 | 6.5 MEDIUM | 8.8 HIGH |
| In Afian Filerun 20220202, lack of sanitization of the POST parameter "metadata[]" in `/?module=fileman§ion=get&page=grid` leads to SQL injection. | |||||
| CVE-2022-31768 | 1 Ibm | 1 Infosphere Information Server | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. | |||||
| CVE-2020-36537 | 1 Everywhere | 1 Everywhere Cms | 2022-06-14 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability was found in Everywhere CMS. It has been classified as critical. Affected is an unknown function. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. | |||||
| CVE-2020-36536 | 1 Brandbugle | 1 Brandbugle | 2022-06-14 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability was found in Brandbugle. It has been rated as critical. Affected by this issue is some unknown functionality of the file /main.php. The manipulation leads to sql injection. The attack may be launched remotely. | |||||
| CVE-2020-36535 | 1 Minmax | 1 Minmax | 2022-06-14 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability classified as critical has been found in MINMAX. This affects an unknown part of the file /newsDia.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. | |||||
| CVE-2020-36530 | 1 Ibm | 1 Sevone Network Performance Management | 2022-06-14 | 6.0 MEDIUM | 8.8 HIGH |
| A vulnerability classified as critical was found in SevOne Network Management System up to 5.7.2.22. This vulnerability affects the Alert Summary. The manipulation leads to sql injection. The attack can be initiated remotely. | |||||
| CVE-2021-41932 | 1 Wolterskluwer | 1 Teammate\+ Audit | 2022-06-13 | 6.5 MEDIUM | 8.8 HIGH |
| A blind SQL injection vulnerability in search form in TeamMate+ Audit version 28.0.19.0 allows any authenticated user to create malicious SQL injections, which can result in complete database compromise, gaining information about other users, unauthorized access to audit data etc. | |||||
| CVE-2020-36541 | 1 Demokratian | 1 Demokratian | 2022-06-11 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability was found in Demokratian. It has been rated as critical. Affected by this issue is some unknown functionality of the file basicos_php/genera_select.php. The manipulation of the argument id_provincia with the input -1%20union%20all%20select%201,2,3,4,database() leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2020-36539 | 1 Logicoycreativo | 1 Logico Y Creativo | 2022-06-11 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability was found in Lógico y Creativo 1.0 and classified as critical. This issue affects some unknown processing. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. | |||||
| CVE-2020-36540 | 1 Neetai | 1 Neetai Tech | 2022-06-11 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in Neetai Tech. Affected is an unknown function of the file /product.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-29704 | 1 Browsbox | 1 Brows Box | 2022-06-11 | 7.5 HIGH | 9.8 CRITICAL |
| BrowsBox CMS v4.0 was discovered to contain a SQL injection vulnerability. | |||||
| CVE-2022-24240 | 1 Aceware | 1 Aceweb Online Portal | 2022-06-11 | 7.5 HIGH | 9.8 CRITICAL |
| ACEweb Online Portal 3.5.065 was discovered to contain a SQL injection vulnerability via the criteria parameter in showschedule.awp. | |||||
| CVE-2022-30799 | 1 Online Ordering System Project | 1 Online Ordering System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Online Ordering System v1.0 by oretnom23 has SQL injection via store/orderpage.php. | |||||
| CVE-2022-30798 | 1 Online Ordering System Project | 1 Online Ordering System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/viewreport.php. | |||||
| CVE-2022-30797 | 1 Online Ordering System Project | 1 Online Ordering System | 2022-06-10 | 7.5 HIGH | 9.8 CRITICAL |
| Online Ordering System 1.0 by oretnom23 is vulnerable to SQL Injection via admin/vieworders.php. | |||||
| CVE-2022-30795 | 1 Online Ordering System Project | 1 Online Ordering System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductimage.php. | |||||
| CVE-2022-30794 | 1 Online Ordering System Project | 1 Online Ordering System | 2022-06-10 | 6.5 MEDIUM | 7.2 HIGH |
| Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductetails.php. | |||||