CWE:
 

Tytuł
Data
Autor
Med.
Helmet Store Showroom 1.0 SQL Injection
26.11.2022
syad
Med.
Sanitization Management System 1.0 SQL Injection
26.11.2022
nu11secur1ty
Med.
Revenue Collection System 1.0 SQL Injection / Remote Code Execution
17.11.2022
Joe Pollock
High
Simmeth System GmbH Supplier Manager LFI / SQL Injection / Bypass
15.11.2022
Steffen Robertz
Med.
Senayan Library Management System 9.5.0 SQL Injection
04.11.2022
nu11secur1ty
Med.
Simple Cold Storage Management System 1.0 SQL Injection
31.10.2022
QiaoRui Feng
Med.
WordPress Zephyr Project Manager 3.2.42 SQL Injection
15.10.2022
Rizacan Tufan
Med.
Online Shopping System Advanced 1.0 SQL Injection
12.10.2022
nu11secur1ty
Med.
Joomla JUX Charity Hub 1.0.4 SQL Injection
05.10.2022
CraCkEr
Med.
Joomla JKassa ShoppingCart 2.0.0 SQL Injection
04.10.2022
CraCkEr
Med.
Canteen Management 1.0-2022 SQL Injection
04.10.2022
nu11secur1ty
High
ZKSecurity BIO 4.1.2 SQL Injection / Code Execution
01.10.2022
Silton Santos
Med.
Joomla JS Jobs Pro 1.3.6 SQL Injection
01.10.2022
CraCkEr
Med.
Joomla AdsManager 3.2.0 SQL Injection
29.09.2022
CraCkEr
Med.
Food Ordering Management System 1.0 SQL Injection
27.09.2022
Yousef Alraddadi
Med.
WorkOrder CMS 0.1.0 SQL Injection
24.09.2022
Chokri Hammedi
High
VIAVIWEB Wallpaper Admin SQL Injection / Shell Upload
22.09.2022
Edd13Mora
Med.
Social Share Button 2.2.3 SQL Injection
16.09.2022
nu11secur1ty
Med.
Rocket LMS 1.6 SQL Injection
16.09.2022
CraCkEr
Med.
Online Market Place Site 1.0 SQL Injection
06.09.2022
Joe Pollock
Med.
WordPress Core Cross Site Scripting / SQL Injection
31.08.2022
Khalilov Moe
Med.
AeroCMS 0.0.1 SQL Injection
29.08.2022
nu11secur1ty
Med.
Personnel Property Equipment 2015-2022 SQL Injection
22.08.2022
nu11secur1ty
Med.
Inout RealEstate 2.1.2 SQL Injection
15.08.2022
CraCkEr
Med.
Gas Agency Management 2022 SQL Injection / XSS / Shell Upload
14.08.2022
nu11secur1ty
Med.
Prestashop Blockwishlist 2.1.0 SQL Injection
14.08.2022
Karthik UJ
Med.
Readymade Job Portal Script SQL Injection
14.08.2022
CraCkEr
Med.
Matrimonial PHP Script 1.0 SQL Injection
12.08.2022
CraCkEr
Med.
Multi-Language Hotel Management 2022 1.0 SQL Injection
03.08.2022
nu11secur1ty
Med.
CodeIgniter CMS 4.2.0 SQL Injection
02.08.2022
E1.Coders
Med.
Hospital Information System 1.0 SQL Injection
26.07.2022
saitamang
Med.
Expert X Jobs Portal And Resume Builder 1.0 SQL Injection
26.07.2022
CraCkEr
Med.
Marty Marketplace Multi Vendor Ecommerce Script 1.2 SQL Injection
25.07.2022
CraCkEr
Med.
Royal Event Management System 1.0 todate SQL Injection (Authenticated)
23.07.2022
Eren Gozaydin
Med.
Emporium eCommerce Online Shopping CMS 1.2 SQL Injection
20.07.2022
CraCkEr
Med.
Orange Station 1.0 SQL Injection
18.07.2022
nu11secur1ty
Med.
Travel Tours Script 1.0 SQL Injection
18.07.2022
CraCkEr
Med.
CSZ CMS 1.3.0 SQL Injection
17.07.2022
Dogukan Dincer
Med.
Online Discussion Forum Site 1.0 SQL Injection
17.07.2022
Saud Alenazi
Med.
WordPress Visual Slide Box Builder 3.2.9 SQL Injection
12.07.2022
nu11secur1ty
Med.
Advanced Testimonials Manager 5.6 SQL Injection
05.07.2022
indoushka
Med.
OPSTECH Thailand Gov Management System Multiple Vulnerabilities
04.07.2022
NaughtySec
Med.
Stock Management System 2020 SQL Injection
04.07.2022
nu11secur1ty
Med.
DouPHP 1.2 Release 20141027 SQL Injection
04.07.2022
indoushka
Med.
Library Management System With QR Code 1.0 SQL Injection
28.06.2022
Ashish Kumar
Med.
Coffee Shop Cashiering System 1.0 SQL Injection
28.06.2022
syad
Med.
Virtua Software Cobranca 12S SQL Injection
20.06.2022
Luca Regne
Med.
ChurchCRM 4.4.5 SQL Injection
20.06.2022
nu11secur1ty
Med.
Warehouse Management System 2022 SQL Injection
20.06.2022
nu11secur1ty
Med.
Old Age Home Management System 1.0 SQL Injection
20.06.2022
twseptian
Med.
Fast Food Ordering System 1.0 SQL Injection
01.06.2022
nu11secur1ty
Med.
Online Fire Reporting System 1.0 SQL Injection
25.05.2022
nu11secur1ty
Med.
CLink Office 2.0 SQL Injection
25.05.2022
Stephen Tsoi
Med.
Blockchain FiatExchanger 2.2.1 SQL Injection
24.05.2022
Mohamed N. Ali
Med.
Blockchain AltExchanger 1.2.1 SQL Injection
24.05.2022
Mohamed N. Ali
Med.
SAP Application Server ABAP / ABAP Platform Code Injection / SQL Injection / Missing Authorization
22.05.2022
Fabian Hagg
Med.
T-Soft E-Commerce 4 SQL Injection
17.05.2022
Alperen Ergel
Med.
WebTareas 2.4 SQL Injection
11.05.2022
Behrad Taher
Med.
Travel Management System 1.0 SQL Injection
09.05.2022
nu11secur1ty
Med.
School Dormitory Management 1.0 SQL Injection
09.05.2022
nu11secur1ty
Med.
Red Planet Laundry Management System 1.0 SQL Injection
08.05.2022
nu11secur1ty
Med.
ChatBot Application With A Suggestion Feature 1.0 SQL Injection
06.05.2022
Saud Alenazi
Med.
Toll Tax Management System 1.0 SQL Injection
03.05.2022
nu11secur1ty
Med.
Home Clean Service System 1.0 SQL Injection
01.05.2022
nu11secur1ty
Med.
Joomla Sexy Polling 2.1.7 SQL Injection
26.04.2022
Wolfgang Hotwagner
Med.
Explore CMS 1.0 SQL Injection
13.04.2022
Sajibe Kanti
Med.
Bakery Shop Management System 1.0 SQL Injection
06.04.2022
Hejap Zairy
Med.
Medical Hub Directory Site 1.0 SQL Injection
01.04.2022
Saud Alenazi
Med.
Message System 1.0 SQL Injection
31.03.2022
Hejap Zairy
Med.
CSZ CMS 1.2.9 SQL Injection
30.03.2022
Rahad Chowdhury
Med.
Sports Complex Booking System 1.0 SQL Injection
25.03.2022
Hejap Zairy
Med.
Microfinance Management System 1.0 SQL Injection
24.03.2022
Hejap Zairy
Med.
Online Sports Complex Booking System 1.0 SQL Injection
24.03.2022
Saud Alenazi
Med.
Baixar GLPI Project 9.4.6 SQL Injection
17.03.2022
Joas Antonio
Med.
Moodle 3.11.5 SQL Injection
16.03.2022
Chris Anastasio
Med.
Employee Performance Evaluation System 1.0 SQL Injection
13.03.2022
nu11secur1ty
Med.
Matrimony 1.0 SQL Injection
07.03.2022
nu11secur1ty
Med.
Car Driving School Management 1.0 SQL Injection
02.03.2022
nu11secur1ty
Med.
Casdoor 1.13.0 SQL Injection
01.03.2022
Mayank Deshmukh
Med.
Simple Mobile Comparison Website 1.0 SQL Injection
28.02.2022
nu11secur1ty
Med.
Bank Management System 1.0 SQL Injection
28.02.2022
nu11secur1ty
Med.
WordPress Perfect Survey 1.5.1 SQL Injection
23.02.2022
Ron Jost
Med.
Cab Management System 1.0 SQL Injection
23.02.2022
Alperen Ergel
Med.
WordPress WP User Frontend 3.5.25 SQL Injection
22.02.2022
Ron Jost
Med.
Auto Spare Parts Management 1.0 SQL Injection
22.02.2022
nu11secur1ty
Med.
Air Cargo Management System 1.0 SQL Injection
22.02.2022
nu11secur1ty
Med.
Medical Store Management System 1.0 SQL Injection
17.02.2022
nu11secur1ty
Med.
Vicidial 2.14-783a SQL Injection
17.02.2022
Vulnerability Laborato...
Med.
WordPress Secure Copy Content Protection And Content Locking 2.8.1 SQL Injection
14.02.2022
Ron Jost
Med.
Accounting Journal Management System 1.0 SQL Injection
13.02.2022
Alperen Ergel
Med.
Home Owners Collection Management System 1.0 SQL Injection
12.02.2022
Saud Alenazi
Med.
Tokheim Profleet DiaLOG Fuel Management System 11.005.02 SQL Injection / Code Execution
12.02.2022
golem445
Med.
Atom CMS 2.0 SQL Injection
09.02.2022
Luca Cuzzolin
Med.
Moodle 3.11.4 SQL Injection
04.02.2022
lavclash75
Med.
WordPress Download Monitor WordPress 4.4.4 SQL Injection
03.02.2022
Ron Jost
Med.
Wordpress Plugin 404 to 301 2.0.2 SQL-Injection (Authenticated)
02.02.2022
Ron Jost
Med.
WordPress Modern Events Calendar 6.1 SQL Injection
28.01.2022
Ron Jost
Med.
WordPress RegistrationMagic V 5.0.1.5 SQL Injection
27.01.2022
Ron Jost
Med.
Online Project Time Management 1.0 SQL Injection
24.01.2022
nu11secur1ty
Med.
WordPress Plugin WP Visitor Statistics 4.7 SQL Injection
18.01.2022
Ron Jost


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2022-11-28
Waiting for details
CVE-2022-3865

Updating...
 

 
The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin

 
Waiting for details
CVE-2022-3849

Updating...
 

 
The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin

 
Waiting for details
CVE-2022-3848

Updating...
 

 
The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin

 
Waiting for details
CVE-2022-3769

Updating...
 

 
The OWM Weather WordPress plugin before 5.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as contributor

 
Waiting for details
CVE-2022-3689

Updating...
 

 
The HTML Forms WordPress plugin before 1.3.25 does not properly properly escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users

 
2022-11-24
Waiting for details
CVE-2022-4088

Updating...
 

 
A vulnerability was found in rickxy Stock Management System and classified as critical. Affected by this issue is some unknown functionality of the file /pages/processlogin.php. The manipulation of the argument user/password leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-214322 is the identifier assigned to this vulnerability.

 
2022-11-21
Waiting for details
CVE-2022-3720

Updating...
 

 
The Event Monster WordPress plugin before 1.2.0 does not validate and escape some parameters before using them in SQL statements, which could lead to SQL Injection exploitable by high privilege users

 
2022-11-17
Waiting for details
CVE-2022-4051

Updating...
 

 
A vulnerability has been found in Hostel Searching Project and classified as critical. This vulnerability affects unknown code of the file view-property.php. The manipulation of the argument property_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-213844.

 
Waiting for details
CVE-2022-43506

Updating...
 

 
SQL Injection in HandlerTag_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network

 
Waiting for details
CVE-2022-43452

Updating...
 

 
SQL Injection in FtyInfoSetting.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network

 

 


Copyright 2022, cxsecurity.com

 

Back to Top