Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-89
Total 14188 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-45330 1 Aerocms Project 1 Aerocms 2025-04-25 N/A 7.5 HIGH
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Category parameter at \category.php. This vulnerability allows attackers to access database information.
CVE-2022-44139 1 Apartment Visitors Management System Project 1 Apartment Visitors Management System 2025-04-25 N/A 9.8 CRITICAL
Apartment Visitor Management System v1.0 is vulnerable to SQL Injection via /avms/index.php.
CVE-2022-45331 1 Aerocms Project 1 Aerocms 2025-04-25 N/A 7.5 HIGH
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the p_id parameter at \post.php. This vulnerability allows attackers to access database information.
CVE-2022-45529 1 Aerocms Project 1 Aerocms 2025-04-25 N/A 4.9 MEDIUM
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the post_category_id parameter at \admin\includes\edit_post.php. This vulnerability allows attackers to access database information.
CVE-2022-44120 1 Dedebiz 1 Dedecmsv6 2025-04-25 N/A 9.8 CRITICAL
dedecmdv6 6.1.9 is vulnerable to SQL Injection. via sys_sql_query.php.
CVE-2022-45278 1 Jizhicms 1 Jizhicms 2025-04-25 N/A 8.8 HIGH
Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability via the /index.php/admins/Fields/get_fields.html component.
CVE-2022-44278 1 Sanitization Management System Project 1 Sanitization Management System 2025-04-25 N/A 7.2 HIGH
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=user/manage_user&id=.
CVE-2022-44140 1 Jizhicms 1 Jizhicms 2025-04-25 N/A 8.8 HIGH
Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability via the /Member/memberedit.html component.
CVE-2022-44399 1 Poultry Farm Management System Project 1 Poultry Farm Management System 2025-04-25 N/A 9.8 CRITICAL
Poultry Farm Management System v1.0 contains a SQL injection vulnerability via the del parameter at /Redcock-Farm/farm/category.php.
CVE-2022-36193 1 Lahirudanushka 1 School Management System 2025-04-25 N/A 9.8 CRITICAL
SQL injection in School Management System 1.0 allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries.
CVE-2022-3848 1 Wp User Merger Project 1 Wp User Merger 2025-04-25 N/A 8.8 HIGH
The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin
CVE-2022-42109 1 Online-shopping-system-advanced Project 1 Online-shopping-system-advanced 2025-04-25 N/A 9.8 CRITICAL
Online-shopping-system-advanced 1.0 was discovered to contain a SQL injection vulnerability via the p parameter at /shopping/product.php.
CVE-2022-3768 1 Wpsmartcontracts 1 Wpsmartcontracts 2025-04-25 N/A 8.8 HIGH
The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author
CVE-2022-45329 1 Aerocms Project 1 Aerocms 2025-04-25 N/A 7.5 HIGH
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Search parameter. This vulnerability allows attackers to access database information.
CVE-2022-3751 1 Owncast Project 1 Owncast 2025-04-25 N/A 9.8 CRITICAL
SQL Injection in GitHub repository owncast/owncast prior to 0.0.13.
CVE-2022-44277 1 Sanitization Management System Project 1 Sanitization Management System 2025-04-24 N/A 7.2 HIGH
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/classes/Master.php?f=delete_product.
CVE-2022-44291 1 Webtareas Project 1 Webtareas 2025-04-24 N/A 9.8 CRITICAL
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php.
CVE-2022-44290 1 Webtareas Project 1 Webtareas 2025-04-24 N/A 9.8 CRITICAL
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php.
CVE-2022-44296 1 Sanitization Management System Project 1 Sanitization Management System 2025-04-24 N/A 7.2 HIGH
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/quotes/manage_remark.php?id=.
CVE-2022-44294 1 Sanitization Management System Project 1 Sanitization Management System 2025-04-24 N/A 7.2 HIGH
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=services/manage_service&id=.