Export limit exceeded: 18785 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18785 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-34586 | 1 Advanced School Management System Project | 1 Advanced School Management System | 2024-11-21 | 8.8 High |
| itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via the grade parameter at /school/view/student_grade_wise.php. | ||||
| CVE-2022-34557 | 1 Barangay Management System Project | 1 Barangay Management System | 2024-11-21 | 8.8 High |
| Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /pages/permit/permit.php. | ||||
| CVE-2022-34042 | 1 Barangay Management System Project | 1 Barangay Management System | 2024-11-21 | 7.2 High |
| Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /pages/household/household.php. | ||||
| CVE-2022-34023 | 1 Barangay Management System Project | 1 Barangay Management System | 2024-11-21 | 9.8 Critical |
| Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /officials/officials.php. | ||||
| CVE-2022-33875 | 1 Fortinet | 1 Fortiadc | 2024-11-21 | 5.1 Medium |
| An improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability in Fortinet FortiADC version 7.1.0, version 7.0.0 through 7.0.2 and version 6.2.4 and below allows an authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests. | ||||
| CVE-2022-33171 | 1 Typeorm | 1 Typeorm | 2024-11-21 | 9.8 Critical |
| The findOne function in TypeORM before 0.3.0 can either be supplied with a string or a FindOneOptions object. When input to the function is a user-controlled parsed JSON object, supplying a crafted FindOneOptions instead of an id string leads to SQL injection. NOTE: the vendor's position is that the user's application is responsible for input validation | ||||
| CVE-2022-33128 | 1 Ruijienetworks | 2 Rg-eg350, Rg-eg350 Firmware | 2024-11-21 | 9.1 Critical |
| RG-EG series gateway EG350 EG_RGOS 11.1(6) was discovered to contain a SQL injection vulnerability via the function get_alarmAction at /alarm_pi/alarmService.php. | ||||
| CVE-2022-33114 | 1 Jflyfox | 1 Jfinal Cms | 2024-11-21 | 7.2 High |
| Jfinal CMS v5.1.0 was discovered to contain a SQL injection vulnerability via the attrVal parameter at /jfinal_cms/system/dict/list. | ||||
| CVE-2022-33097 | 1 74cms | 1 74cmsse | 2024-11-21 | 7.5 High |
| 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/campus/campus_job. | ||||
| CVE-2022-33096 | 1 74cms | 1 74cmsse | 2024-11-21 | 7.5 High |
| 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/resume/index. | ||||
| CVE-2022-33095 | 1 74cms | 1 74cmsse | 2024-11-21 | 7.5 High |
| 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist. | ||||
| CVE-2022-33094 | 1 74cms | 1 74cmsse | 2024-11-21 | 7.5 High |
| 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/map. | ||||
| CVE-2022-33093 | 1 74cms | 1 74cmsse | 2024-11-21 | 7.5 High |
| 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the key parameter at /freelance/resume_list. | ||||
| CVE-2022-33092 | 1 74cms | 1 74cmsse | 2024-11-21 | 7.5 High |
| 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/index. | ||||
| CVE-2022-33061 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2024-11-21 | 7.2 High |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_service. | ||||
| CVE-2022-33060 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2024-11-21 | 7.2 High |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_schedule. | ||||
| CVE-2022-33059 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2024-11-21 | 7.2 High |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_train. | ||||
| CVE-2022-33058 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2024-11-21 | 7.2 High |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_message. | ||||
| CVE-2022-33057 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2024-11-21 | 7.2 High |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_reservation. | ||||
| CVE-2022-33056 | 1 Online Railway Reservation System Project | 1 Online Railway Reservation System | 2024-11-21 | 7.2 High |
| Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/schedules/manage_schedule.php. | ||||