ReportizFlow
Filtered by vendor
Subscriptions
Total
17339 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-24240 | 1 Aceware | 1 Aceweb Online Portal | 2024-11-21 | 9.8 Critical |
| ACEweb Online Portal 3.5.065 was discovered to contain a SQL injection vulnerability via the criteria parameter in showschedule.awp. | ||||
| CVE-2022-24231 | 1 Simple Student Information System Project | 1 Simple Student Information System | 2024-11-21 | 9.8 Critical |
| Simple Student Information System v1.0 was discovered to contain a SQL injection vulnerability via add/Student. | ||||
| CVE-2022-24226 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 7.5 High |
| Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via the register function in func2.php. | ||||
| CVE-2022-24223 | 1 Thedigitalcraft | 1 Atomcms | 2024-11-21 | 9.8 Critical |
| AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php. | ||||
| CVE-2022-24222 | 1 Elitecms | 1 Elite Cms | 2024-11-21 | 9.8 Critical |
| eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_user.php. | ||||
| CVE-2022-24221 | 1 Elitecms | 1 Elite Cms | 2024-11-21 | 9.8 Critical |
| eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions/functions.php. | ||||
| CVE-2022-24220 | 1 Elitecms | 1 Elite Cms | 2024-11-21 | 9.8 Critical |
| eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_post.php. | ||||
| CVE-2022-24219 | 1 Elitecms | 1 Elite Cms | 2024-11-21 | 9.8 Critical |
| eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_page.php. | ||||
| CVE-2022-24206 | 1 Tongda2000 | 1 Tongda Office Anywhere | 2024-11-21 | 9.8 Critical |
| Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in /mobile_seal/get_seal.php via the DEVICE_LIST parameter. | ||||
| CVE-2022-24124 | 1 Casbin | 1 Casdoor | 2024-11-21 | 7.5 High |
| The query API in Casdoor before 1.13.1 has a SQL injection vulnerability related to the field and value parameters, as demonstrated by api/get-organizations. | ||||
| CVE-2022-24121 | 2 Centos, Unifiedoffice | 2 Centos, Total Connect Now | 2024-11-21 | 7.5 High |
| SQL Injection vulnerability discovered in Unified Office Total Connect Now that would allow an attacker to extract sensitive information through a cookie parameter. | ||||
| CVE-2022-23986 | 1 Phpuploader Project | 1 Phpuploader | 2024-11-21 | 7.5 High |
| SQL injection vulnerability in the phpUploader v1.2 and earlier allows a remote unauthenticated attacker to obtain the information in the database via unspecified vectors. | ||||
| CVE-2022-23972 | 1 Asus | 2 Rt-ax56u, Rt-ax56u Firmware | 2024-11-21 | 8.8 High |
| ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user input validation. An unauthenticated LAN attacker to inject arbitrary SQL code to read, modify and delete database. | ||||
| CVE-2022-23911 | 1 Accesspressthemes | 1 Ap Custom Testimonial | 2024-11-21 | 7.2 High |
| The Testimonial WordPress Plugin WordPress plugin before 1.4.7 does not validate and escape the id parameter before using it in a SQL statement when retrieving a testimonial to edit, leading to a SQL Injection | ||||
| CVE-2022-23902 | 1 Tongda2000 | 1 Tongda Office Anywhere | 2024-11-21 | 9.8 Critical |
| Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in export_data.php via the d_name parameter. | ||||
| CVE-2022-23899 | 1 Mingsoft | 1 Mcms | 2024-11-21 | 9.8 Critical |
| MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java. | ||||
| CVE-2022-23898 | 1 Mingsoft | 1 Mcms | 2024-11-21 | 9.8 Critical |
| MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml. | ||||
| CVE-2022-23882 | 1 Tuzicms | 1 Tuzicms | 2024-11-21 | 9.8 Critical |
| TuziCMS 2.0.6 is affected by SQL injection in \App\Manage\Controller\BannerController.class.php. | ||||
| CVE-2022-23873 | 1 Victor Cms Project | 1 Victor Cms | 2024-11-21 | 8.8 High |
| Victor CMS v1.0 was discovered to contain a SQL injection vulnerability that allows attackers to inject arbitrary commands via 'user_firstname' parameter. | ||||
| CVE-2022-23865 | 1 Wecul | 1 Nyron | 2024-11-21 | 9.8 Critical |
| Nyron 1.0 is affected by a SQL injection vulnerability through Nyron/Library/Catalog/winlibsrch.aspx. To exploit this vulnerability, an attacker must inject '"> on the thes1 parameter. | ||||