Export limit exceeded: 19010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19010 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-27369 | 1 Chshcms | 1 Cscms | 2024-11-21 | 7.2 High |
| Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component news_News.php_hy. | ||||
| CVE-2022-27368 | 1 Chshcms | 1 Cscms | 2024-11-21 | 7.2 High |
| Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Lists.php_zhuan. | ||||
| CVE-2022-27367 | 1 Chshcms | 1 Cscms | 2024-11-21 | 7.2 High |
| Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Topic.php_del. | ||||
| CVE-2022-27366 | 1 Chshcms | 1 Cscms | 2024-11-21 | 7.2 High |
| Cscms Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the component dance_Dance.php_hy. | ||||
| CVE-2022-27365 | 1 Chshcms | 1 Cscms | 2024-11-21 | 7.2 High |
| Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Dance.php_del. | ||||
| CVE-2022-27360 | 1 Bladex | 1 Springblade | 2024-11-21 | 9.8 Critical |
| SpringBlade v3.2.0 and below was discovered to contain a SQL injection vulnerability via the component customSqlSegment. | ||||
| CVE-2022-27342 | 1 Link-admin Project | 1 Link-admin | 2024-11-21 | 9.8 Critical |
| Link-Admin v0.0.1 was discovered to contain a SQL injection vulnerability via DictRest.ResponseResult(). | ||||
| CVE-2022-27341 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | 9.8 Critical |
| JFinalCMS v2.0 was discovered to contain a SQL injection vulnerability via the Article Management function. | ||||
| CVE-2022-27299 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 9.8 Critical |
| Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the component room.php. | ||||
| CVE-2022-27165 | 1 Cszcms | 1 Csz Cms | 2024-11-21 | 9.8 Critical |
| CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Plugin_manager_setstatus | ||||
| CVE-2022-27164 | 1 Cszcms | 1 Csz Cms | 2024-11-21 | 9.8 Critical |
| CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Users_viewUsers | ||||
| CVE-2022-27163 | 1 Cszcms | 1 Csz Cms | 2024-11-21 | 9.8 Critical |
| CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Users_editUser | ||||
| CVE-2022-27162 | 1 Cszcms | 1 Csz Cms | 2024-11-21 | 9.8 Critical |
| CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Members_editUser | ||||
| CVE-2022-27161 | 1 Cszcms | 1 Csz Cms | 2024-11-21 | 9.8 Critical |
| Csz Cms 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Members_viewUsers | ||||
| CVE-2022-27127 | 1 Zbzcms | 1 Zbzcms | 2024-11-21 | 6.5 Medium |
| zbzcms v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php/ajax.php. | ||||
| CVE-2022-27126 | 1 Zbzcms | 1 Zbzcms | 2024-11-21 | 9.8 Critical |
| zbzcms v1.0 was discovered to contain a SQL injection vulnerability via the art parameter at /include/make.php. | ||||
| CVE-2022-27123 | 1 Employee Performance Evaluation Project | 1 Employee Performance Evaluation | 2024-11-21 | 9.8 Critical |
| Employee Performance Evaluation v1.0 was discovered to contain a SQL injection vulnerability via the email parameter. | ||||
| CVE-2022-27104 | 1 Formalms | 1 Formalms | 2024-11-21 | 9.8 Critical |
| An Unauthenticated time-based blind SQL injection vulnerability exists in Forma LMS prior to v.1.4.3. | ||||
| CVE-2022-27041 | 1 Os4ed | 1 Opensis | 2024-11-21 | 7.5 High |
| Due to lack of protection, parameter student_id in OpenSIS Classic 8.0 /modules/eligibility/Student.php can be used to inject SQL queries to extract information from databases. | ||||
| CVE-2022-26986 | 1 Impresscms | 1 Impresscms | 2024-11-21 | 7.2 High |
| SQL Injection in ImpressCMS 1.4.3 and earlier allows remote attackers to inject into the code in unintended way, this allows an attacker to read and modify the sensitive information from the database used by the application. If misconfigured, an attacker can even upload a malicious web shell to compromise the entire system. | ||||