Filtered by CWE-89
Filtered by vendor Subscriptions
Total 16424 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-34023 1 Barangay Management System Project 1 Barangay Management System 2024-11-21 9.8 Critical
Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /officials/officials.php.
CVE-2022-33875 1 Fortinet 1 Fortiadc 2024-11-21 5.1 Medium
An improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability in Fortinet FortiADC version 7.1.0, version 7.0.0 through 7.0.2 and version 6.2.4 and below allows an authenticatedĀ attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
CVE-2022-33171 1 Typeorm 1 Typeorm 2024-11-21 9.8 Critical
The findOne function in TypeORM before 0.3.0 can either be supplied with a string or a FindOneOptions object. When input to the function is a user-controlled parsed JSON object, supplying a crafted FindOneOptions instead of an id string leads to SQL injection. NOTE: the vendor's position is that the user's application is responsible for input validation
CVE-2022-33128 1 Ruijienetworks 2 Rg-eg350, Rg-eg350 Firmware 2024-11-21 9.1 Critical
RG-EG series gateway EG350 EG_RGOS 11.1(6) was discovered to contain a SQL injection vulnerability via the function get_alarmAction at /alarm_pi/alarmService.php.
CVE-2022-33114 1 Jflyfox 1 Jfinal Cms 2024-11-21 7.2 High
Jfinal CMS v5.1.0 was discovered to contain a SQL injection vulnerability via the attrVal parameter at /jfinal_cms/system/dict/list.
CVE-2022-33097 1 74cms 1 74cmsse 2024-11-21 7.5 High
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/campus/campus_job.
CVE-2022-33096 1 74cms 1 74cmsse 2024-11-21 7.5 High
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/resume/index.
CVE-2022-33095 1 74cms 1 74cmsse 2024-11-21 7.5 High
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist.
CVE-2022-33094 1 74cms 1 74cmsse 2024-11-21 7.5 High
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/map.
CVE-2022-33093 1 74cms 1 74cmsse 2024-11-21 7.5 High
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the key parameter at /freelance/resume_list.
CVE-2022-33092 1 74cms 1 74cmsse 2024-11-21 7.5 High
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/index.
CVE-2022-33061 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 7.2 High
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_service.
CVE-2022-33060 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 7.2 High
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_schedule.
CVE-2022-33059 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 7.2 High
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_train.
CVE-2022-33058 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 7.2 High
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_message.
CVE-2022-33057 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 7.2 High
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_reservation.
CVE-2022-33056 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 7.2 High
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/schedules/manage_schedule.php.
CVE-2022-33055 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 7.2 High
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/trains/manage_train.php.
CVE-2022-33049 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 7.2 High
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/?page=user/manage_user.
CVE-2022-33048 1 Online Railway Reservation System Project 1 Online Railway Reservation System 2024-11-21 7.2 High
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/reservations/view_details.php.