16790 matches found
CVE-2022-26169
Air Cargo Management System v1.0 was discovered to contain a SQL injection vulnerability via the refcode parameter...
CVE-2022-26170
Simple Mobile Comparison Website v1.0 was discovered to contain a SQL injection vulnerability via the search parameter...
CVE-2022-26633
Simple Student Quarterly Result/Grade System v1.0 was discovered to contain a SQL injection vulnerability via /sqgs/Actions.php...
CVE-2022-26301
TuziCMS v2.0.6 was discovered to contain a SQL injection vulnerability via the component App\Manage\Controller\ZhuantiController.class.php...
CVE-2022-26293
Online Project Time Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the function saveemployee at /ptms/classes/Users.php...
CVE-2022-26266
Piwigo v12.2.0 was discovered to contain a SQL injection vulnerability via pwg.users.php...
CVE-2022-35175
Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hiddenid parameter at /blotter/blotter.php...
CVE-2022-35148
maccms10 v2021.1000.1081 to v2022.1000.3031 was discovered to contain a SQL injection vulnerability via the table parameter at database/columns.html...
CVE-2022-35115
IceWarp WebClient DC2 - Update 2 Build 9 13.0.2.9 was discovered to contain a SQL injection vulnerability via the search parameter at /webmail/server/webmail.php...
CVE-2022-35599
A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter productcode...
CVE-2022-35605
A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as 'users', 'pass', etc...
CVE-2022-35606
A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameter 'customerCode.'...
CVE-2022-35422
Web Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the qid parameter at update.php...
CVE-2017-12947
classes\controller\admin\modals.php in the Easy Modal plugin before 2.1.0 for WordPress has SQL injection in an untrash action with the id, ids, or modal parameter to wp-admin/admin.php, exploitable by administrators...
CVE-2017-18515
The wp-statistics plugin before 12.0.8 for WordPress has SQL injection...
CVE-2017-18614
The kama-clic-counter plugin 3.4.9 for WordPress has SQL injection via the admin.php order parameter...
CVE-2017-18290
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET sortdirection parameter...
CVE-2017-18289
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exist in ladder/stats.php via the GET type parameter...
CVE-2017-18287
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the POST usersearch parameter...
CVE-2008-6046
SQL injection vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in 1 optinout.php.inc, 2 confirmation.php.inc, and 3 renewal.php.inc in mailinglist/...