U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): SQL injection
There are 11,195 matching records.
Displaying matches 801 through 820.
Vuln ID Summary CVSS Severity
CVE-2022-36696

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_stockout.

Published: August 25, 2022; 6:15:08 PM -0400
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-36695

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_stockin.

Published: August 25, 2022; 6:15:08 PM -0400
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-36693

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_item.

Published: August 25, 2022; 6:15:08 PM -0400
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-36692

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_category.

Published: August 25, 2022; 6:15:08 PM -0400
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2021-43329

A SQL injection vulnerability in license_update.php in Mumara Classic through 2.93 allows a remote unauthenticated attacker to execute arbitrary SQL commands via the license parameter.

Published: August 25, 2022; 6:15:08 PM -0400
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-36703

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /stocks/manage_stockin.php.

Published: August 25, 2022; 5:15:08 PM -0400
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-36701

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/view_item.php.

Published: August 25, 2022; 5:15:08 PM -0400
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-36700

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/manage_item.php.

Published: August 25, 2022; 5:15:08 PM -0400
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-36699

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/manage_category.php.

Published: August 25, 2022; 5:15:08 PM -0400
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-36698

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/view_category.php.

Published: August 25, 2022; 5:15:08 PM -0400
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-2957

A vulnerability classified as critical was found in SourceCodester Simple and Nice Shopping Cart Script. Affected by this vulnerability is an unknown functionality of the file /mkshop/Men/profile.php. The manipulation of the argument mem_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-207001 was assigned to this vulnerability.

Published: August 25, 2022; 2:15:07 AM -0400
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-37178

An issue was discovered in 72crm 9.0. There is a SQL Injection vulnerability in View the task calendar.

Published: August 24, 2022; 1:15:08 PM -0400
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-37333

SQL injection vulnerability in the Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier) allows remote authenticated attackers to execute arbitrary SQL commands.

Published: August 24, 2022; 5:15:08 AM -0400
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-35115

IceWarp WebClient DC2 - Update 2 Build 9 (13.0.2.9) was discovered to contain a SQL injection vulnerability via the search parameter at /webmail/server/webmail.php.

Published: August 23, 2022; 2:15:08 PM -0400
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-37113

Bluecms 1.6 has SQL injection in line 132 of admin/area.php

Published: August 23, 2022; 12:15:11 PM -0400
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-37112

BlueCMS 1.6 has SQL injection in line 55 of admin/model.php

Published: August 23, 2022; 12:15:11 PM -0400
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-37111

BlueCMS 1.6 has SQL injection in line 132 of admin/article.php

Published: August 23, 2022; 12:15:11 PM -0400
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-36394

Authenticated (author+) SQL Injection (SQLi) vulnerability in Contest Gallery plugin <= 17.0.4 at WordPress.

Published: August 23, 2022; 12:15:11 PM -0400
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-37223

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/role/list.

Published: August 23, 2022; 10:15:08 AM -0400
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-37199

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/user/list.

Published: August 23, 2022; 9:15:08 AM -0400
V3.1: 9.8 CRITICAL
V2.0:(not available)