Total
17774 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-28512 | 1 Fantastic Blog Project | 1 Fantastic Blog | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL injection vulnerability exists in Sourcecodester Fantastic Blog CMS 1.0 . An attacker can inject query in "/fantasticblog/single.php" via the "id=5" parameters. | |||||
| CVE-2022-28505 | 1 Jflyfox | 1 Jfinal Cms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Jfinal_cms 5.1.0 is vulnerable to SQL Injection via com.jflyfox.system.log.LogController.java. | |||||
| CVE-2022-28468 | 1 Payroll Management System Project | 1 Payroll Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Payroll Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter. | |||||
| CVE-2022-28467 | 1 Online Student Admission Project | 1 Online Student Admission | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Online Student Admission v1.0 was discovered to contain a SQL injection vulnerability via the txtapplicationID parameter. | |||||
| CVE-2022-28461 | 1 Mingyuefusu Project | 1 Mingyuefusu | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| mingyuefusu Library Management System all versions as of 03-27-2022 is vulnerable to SQL Injection. | |||||
| CVE-2022-28452 | 1 Redplanetcomputers | 1 Laundry Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Red Planet Laundry Management System 1.0 is vulnerable to SQL Injection. | |||||
| CVE-2022-28417 | 1 Home Owners Collection Management System Project | 1 Home Owners Collection Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_phase. | |||||
| CVE-2022-28416 | 1 Home Owners Collection Management System Project | 1 Home Owners Collection Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_phase. | |||||
| CVE-2022-28415 | 1 Home Owners Collection Management System Project | 1 Home Owners Collection Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_collection. | |||||
| CVE-2022-28414 | 1 Home Owners Collection Management System Project | 1 Home Owners Collection Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_member. | |||||
| CVE-2022-28413 | 1 Car Driving School Management System Project | 1 Car Driving School Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Car Driving School Management System v1.0 was discovered to contain a SQL injection vulnerability via /cdsms/classes/Master.php?f=delete_enrollment. | |||||
| CVE-2022-28412 | 1 Car Driving School Management System Project | 1 Car Driving School Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Car Driving School Managment System v1.0 was discovered to contain a SQL injection vulnerability via /cdsms/classes/Master.php?f=delete_package. | |||||
| CVE-2022-28411 | 1 Simple Real Estate Portal System Portal | 1 Simple Real Estate Portal System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/admin/?page=agents/manage_agent. | |||||
| CVE-2022-28410 | 1 Simple Real Estate Portal System Project | 1 Simple Real Estate Portal System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Users.php?f=delete_agent. | |||||
| CVE-2022-28347 | 2 Debian, Djangoproject | 2 Debian Linux, Django | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL injection issue was discovered in QuerySet.explain() in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. This occurs by passing a crafted dictionary (with dictionary expansion) as the **options argument, and placing the injection payload in an option name. | |||||
| CVE-2022-28346 | 2 Debian, Djangoproject | 2 Debian Linux, Django | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs. | |||||
| CVE-2022-28163 | 1 Broadcom | 1 Sannav | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Brocade SANnav before Brocade SANnav 2.2.0, multiple endpoints associated with Zone management are susceptible to SQL injection, allowing an attacker to run arbitrary SQL commands. | |||||
| CVE-2022-28132 | 2024-11-21 | N/A | 7.2 HIGH | ||
| The T-Soft E-Commerce 4 web application is susceptible to SQL injection (SQLi) attacks when authenticated as an admin or privileged user. This vulnerability allows attackers to access and manipulate the database through crafted requests. By exploiting this flaw, attackers can bypass authentication mechanisms, view sensitive information stored in the database, and potentially exfiltrate data. | |||||
| CVE-2022-28116 | 1 Online Banking System Project | 1 Online Banking System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter. | |||||
| CVE-2022-28115 | 1 Online Sports Complex Booking Project | 1 Online Sports Complex Booking | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Online Sports Complex Booking v1.0 was discovered to contain a SQL injection vulnerability via the id parameter. | |||||