Total
18613 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-3141 | 1 Cozmoslabs | 1 Translatepress | 2024-11-21 | 8.8 High |
| The Translate Multilingual sites WordPress plugin before 2.3.3 is vulnerable to an authenticated SQL injection. By adding a new language (via the settings page) containing specific special characters, the backticks in the SQL query can be surpassed and a time-based blind payload can be injected. | ||||
| CVE-2022-39822 | 1 Nokia | 1 Network Functions Manager For Transport | 2024-11-21 | 8.8 High |
| In NOKIA NFM-T R19.9, a SQL Injection vulnerability occurs in /cgi-bin/R19.9/easy1350.pl of the VM Manager WebUI via the id or host HTTP GET parameter. An authenticated attacker is required for exploitation. | ||||
| CVE-2022-39817 | 1 Nokia | 1 1350 Optical Management System | 2024-11-21 | 8.8 High |
| In NOKIA 1350 OMS R14.2, multiple SQL Injection vulnerabilities occurs. Exploitation requires an authenticated attacker. Through the injection of arbitrary SQL statements, a potential authenticated attacker can modify query syntax and perform unauthorized (and unexpected) operations against the remote database. | ||||
| CVE-2022-38812 | 1 Aerocms Project | 1 Aerocms | 2024-11-21 | 6.5 Medium |
| AeroCMS 0.1.1 is vulnerable to SQL Injection via the author parameter. | ||||
| CVE-2022-38808 | 1 Yimihome | 1 Ywoa | 2024-11-21 | 8.8 High |
| ywoa v6.1 is vulnerable to SQL Injection via backend/oa/visual/exportExcel.do interface. | ||||
| CVE-2022-38771 | 1 Transtek | 1 Mojodat Fixed Asset Management | 2024-11-21 | 9.8 Critical |
| The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to send SCRIPT tags as injected input to the API request. | ||||
| CVE-2022-38637 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 9.8 Critical |
| Hospital Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the Username and Password parameters on the Login page. | ||||
| CVE-2022-38618 | 1 Bpcbt | 1 Smartvista | 2024-11-21 | 8.8 High |
| SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id88, UserForm:j_id90, and UserForm:j_id92 parameters at /SVFE2/pages/feegroups/country_group.jsf. | ||||
| CVE-2022-38617 | 1 Bpcbt | 1 Smartvista | 2024-11-21 | 8.8 High |
| SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the voiceAudit:j_id97 parameter at /SVFE2/pages/audit/voiceaudit.jsf. | ||||
| CVE-2022-38616 | 1 Bpcbt | 1 Smartvista Front-end | 2024-11-21 | 8.8 High |
| SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id90 parameter at /feegroups/tgrt_group.jsf. | ||||
| CVE-2022-38615 | 1 Bpcbt | 1 Smartvista Front-end | 2024-11-21 | 8.8 High |
| SmartVista SVFE2 v2.2.22 was discovered to contain multiple SQL injection vulnerabilities via the UserForm:j_id88, UserForm:j_id90, and UserForm:j_id92 parameters at /SVFE2/pages/feegroups/service_group.jsf. | ||||
| CVE-2022-38610 | 1 Garage Management System Project | 1 Garage Management System | 2024-11-21 | 7.2 High |
| Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /garage/editclient.php. | ||||
| CVE-2022-38606 | 1 Garage Management System Project | 1 Garage Management System | 2024-11-21 | 7.2 High |
| Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /garage/editcategory.php. | ||||
| CVE-2022-38605 | 1 Church Management System Project | 1 Church Management System | 2024-11-21 | 7.2 High |
| Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_event.php. | ||||
| CVE-2022-38595 | 1 Church Management System Project | 1 Church Management System | 2024-11-21 | 7.2 High |
| Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_user.php. | ||||
| CVE-2022-38594 | 1 Church Management System Project | 1 Church Management System | 2024-11-21 | 7.2 High |
| Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_visitor.php. | ||||
| CVE-2022-38542 | 1 Archerydms | 1 Archery | 2024-11-21 | 9.8 Critical |
| Archery v1.4.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the ThreadIDs parameter in the kill_session interface. The project has released an update, please upgrade to v1.9.0 and above. | ||||
| CVE-2022-38541 | 1 Archerydms | 1 Archery | 2024-11-21 | 9.8 Critical |
| Archery v1.8.3 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_time and stop_time parameters in the my2sql interface. | ||||
| CVE-2022-38540 | 1 Archerydms | 1 Archery | 2024-11-21 | 9.8 Critical |
| Archery v1.4.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the ThreadIDs parameter in the create_kill_session interface. | ||||
| CVE-2022-38539 | 1 Archerydms | 1 Archery | 2024-11-21 | 9.8 Critical |
| Archery v1.7.5 to v1.8.5 was discovered to contain a SQL injection vulnerability via the where parameter at /archive/apply. | ||||