Total
15270 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-24607 | 1 Luocms Project | 1 Luocms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Luocms v2.0 is affected by SQL Injection in /admin/news/news_ok.php. | |||||
| CVE-2022-24606 | 1 Luocms Project | 1 Luocms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Luocms v2.0 is affected by SQL Injection in /admin/news/sort_ok.php. | |||||
| CVE-2022-24605 | 1 Luocms Project | 1 Luocms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Luocms v2.0 is affected by SQL Injection in /admin/link/link_ok.php. | |||||
| CVE-2022-24604 | 1 Luocms Project | 1 Luocms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Luocms v2.0 is affected by SQL Injection in /admin/link/link_mod.php. | |||||
| CVE-2022-24603 | 1 Luocms Project | 1 Luocms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Luocms v2.0 is affected by SQL Injection in /admin/news/sort_mod.php. | |||||
| CVE-2022-24602 | 1 Luocms Project | 1 Luocms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Luocms v2.0 is affected by SQL Injection in /admin/news/news_mod.php. | |||||
| CVE-2022-24601 | 1 Luocms Project | 1 Luocms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Luocms v2.0 is affected by SQL Injection in /admin/manager/admin_mod.php. An attacker can obtain sensitive information through SQL injection statements. | |||||
| CVE-2022-24600 | 1 Luocms Project | 1 Luocms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Luocms v2.0 is affected by SQL Injection through /admin/login.php. An attacker can log in to the background through SQL injection statements. | |||||
| CVE-2022-24571 | 1 Car Driving School Management System Project | 1 Car Driving School Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Car Driving School Management System v1.0 is affected by SQL injection in the login page. An attacker can use simple SQL login injection payload to get admin access. | |||||
| CVE-2022-24407 | 5 Cyrusimap, Debian, Fedoraproject and 2 more | 8 Cyrus-sasl, Debian Linux, Fedora and 5 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. | |||||
| CVE-2022-24391 | 1 Fidelissecurity | 2 Deception, Network | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Vulnerability in Fidelis Network and Deception CommandPost enables SQL injection through the web interface by an attacker with user level access. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. | |||||
| CVE-2022-24281 | 1 Siemens | 1 Sinec Network Management System | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| A vulnerability has been identified in SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). A privileged authenticated attacker could execute arbitrary commands in the local database by sending specially crafted requests to the webserver of the affected application. | |||||
| CVE-2022-24266 | 1 Cuppacms | 1 Cuppacms | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/table_manager/ via the order_by parameter. | |||||
| CVE-2022-24265 | 1 Cuppacms | 1 Cuppacms | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/menu/ via the path=component/menu/&menu_filter=3 parameter. | |||||
| CVE-2022-24264 | 1 Cuppacms | 1 Cuppacms | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/table_manager/ via the search_word parameter. | |||||
| CVE-2022-24263 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter. | |||||
| CVE-2022-24260 | 1 Voipmonitor | 1 Voipmonitor | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the Administrator level. | |||||
| CVE-2022-24240 | 1 Aceware | 1 Aceweb Online Portal | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| ACEweb Online Portal 3.5.065 was discovered to contain a SQL injection vulnerability via the criteria parameter in showschedule.awp. | |||||
| CVE-2022-24231 | 1 Simple Student Information System Project | 1 Simple Student Information System | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Simple Student Information System v1.0 was discovered to contain a SQL injection vulnerability via add/Student. | |||||
| CVE-2022-24226 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via the register function in func2.php. | |||||