ReportizFlow
Filtered by vendor
Subscriptions
Total
16424 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-38808 | 1 Yimihome | 1 Ywoa | 2024-11-21 | 8.8 High |
| ywoa v6.1 is vulnerable to SQL Injection via backend/oa/visual/exportExcel.do interface. | ||||
| CVE-2022-38771 | 1 Transtek | 1 Mojodat Fixed Asset Management | 2024-11-21 | 9.8 Critical |
| The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to send SCRIPT tags as injected input to the API request. | ||||
| CVE-2022-38637 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 9.8 Critical |
| Hospital Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the Username and Password parameters on the Login page. | ||||
| CVE-2022-38618 | 1 Bpcbt | 1 Smartvista | 2024-11-21 | 8.8 High |
| SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id88, UserForm:j_id90, and UserForm:j_id92 parameters at /SVFE2/pages/feegroups/country_group.jsf. | ||||
| CVE-2022-38617 | 1 Bpcbt | 1 Smartvista | 2024-11-21 | 8.8 High |
| SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the voiceAudit:j_id97 parameter at /SVFE2/pages/audit/voiceaudit.jsf. | ||||
| CVE-2022-38616 | 1 Bpcbt | 1 Smartvista Front-end | 2024-11-21 | 8.8 High |
| SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id90 parameter at /feegroups/tgrt_group.jsf. | ||||
| CVE-2022-38615 | 1 Bpcbt | 1 Smartvista Front-end | 2024-11-21 | 8.8 High |
| SmartVista SVFE2 v2.2.22 was discovered to contain multiple SQL injection vulnerabilities via the UserForm:j_id88, UserForm:j_id90, and UserForm:j_id92 parameters at /SVFE2/pages/feegroups/service_group.jsf. | ||||
| CVE-2022-38610 | 1 Garage Management System Project | 1 Garage Management System | 2024-11-21 | 7.2 High |
| Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /garage/editclient.php. | ||||
| CVE-2022-38606 | 1 Garage Management System Project | 1 Garage Management System | 2024-11-21 | 7.2 High |
| Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /garage/editcategory.php. | ||||
| CVE-2022-38605 | 1 Church Management System Project | 1 Church Management System | 2024-11-21 | 7.2 High |
| Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_event.php. | ||||
| CVE-2022-38595 | 1 Church Management System Project | 1 Church Management System | 2024-11-21 | 7.2 High |
| Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_user.php. | ||||
| CVE-2022-38594 | 1 Church Management System Project | 1 Church Management System | 2024-11-21 | 7.2 High |
| Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_visitor.php. | ||||
| CVE-2022-38576 | 1 Interview Management System Project | 1 Interview Management System | 2024-11-21 | 7.2 High |
| Interview Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /interview/delete.php?action=deletecand&id=. | ||||
| CVE-2022-38542 | 1 Archerydms | 1 Archery | 2024-11-21 | 9.8 Critical |
| Archery v1.4.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the ThreadIDs parameter in the kill_session interface. The project has released an update, please upgrade to v1.9.0 and above. | ||||
| CVE-2022-38541 | 1 Archerydms | 1 Archery | 2024-11-21 | 9.8 Critical |
| Archery v1.8.3 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_time and stop_time parameters in the my2sql interface. | ||||
| CVE-2022-38540 | 1 Archerydms | 1 Archery | 2024-11-21 | 9.8 Critical |
| Archery v1.4.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the ThreadIDs parameter in the create_kill_session interface. | ||||
| CVE-2022-38539 | 1 Archerydms | 1 Archery | 2024-11-21 | 9.8 Critical |
| Archery v1.7.5 to v1.8.5 was discovered to contain a SQL injection vulnerability via the where parameter at /archive/apply. | ||||
| CVE-2022-38538 | 1 Archerydms | 1 Archery | 2024-11-21 | 9.8 Critical |
| Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module. | ||||
| CVE-2022-38537 | 1 Archerydms | 1 Archery | 2024-11-21 | 9.8 Critical |
| Archery v1.4.5 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_file, end_file, start_time, and stop_time parameters in the binlog2sql interface. | ||||
| CVE-2022-38304 | 1 Online Leave Management System Project | 1 Online Leave Management System | 2024-11-21 | 7.2 High |
| Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /maintenance/manage_leave_type.php. | ||||