Total
16419 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-48590 | 1 Sciencelogic | 1 Sl1 | 2024-11-21 | 8.8 High |
| A SQL injection vulnerability exists in the “admin dynamic app mib errors” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | ||||
| CVE-2022-48589 | 1 Sciencelogic | 1 Sl1 | 2024-11-21 | 8.8 High |
| A SQL injection vulnerability exists in the “reporting job editor” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | ||||
| CVE-2022-48588 | 1 Sciencelogic | 1 Sl1 | 2024-11-21 | 8.8 High |
| A SQL injection vulnerability exists in the “schedule editor decoupled” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | ||||
| CVE-2022-48587 | 1 Sciencelogic | 1 Sl1 | 2024-11-21 | 8.8 High |
| A SQL injection vulnerability exists in the “schedule editor” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | ||||
| CVE-2022-48586 | 1 Sciencelogic | 1 Sl1 | 2024-11-21 | 8.8 High |
| A SQL injection vulnerability exists in the “json walker” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | ||||
| CVE-2022-48585 | 1 Sciencelogic | 1 Sl1 | 2024-11-21 | 8.8 High |
| A SQL injection vulnerability exists in the “admin brand portal” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database. | ||||
| CVE-2022-47614 | 1 Inspireui | 1 Mstore Api | 2024-11-21 | 7.5 High |
| Unauth. SQL Injection (SQLi) vulnerability in InspireUI MStore API plugin <= 3.9.7 versions. | ||||
| CVE-2022-47593 | 1 Rapidload | 1 Rapidload Power-up For Autoptimize | 2024-11-21 | 8.5 High |
| Auth. (subscriber+) SQL Injection (SQLi) vulnerability in RapidLoad RapidLoad Power-Up for Autoptimize plugin <= 1.6.35 versions. | ||||
| CVE-2022-47588 | 1 Tipsandtricks-hq | 1 Simple Photo Gallery | 2024-11-21 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tips and Tricks HQ, Peter Petreski Simple Photo Gallery simple-photo-gallery allows SQL Injection.This issue affects Simple Photo Gallery: from n/a through v1.8.1. | ||||
| CVE-2022-47586 | 1 Themefic | 1 Ultimate Addons For Contact Form 7 | 2024-11-21 | 8.2 High |
| Unauth. SQL Injection (SQLi) vulnerability in Themefic Ultimate Addons for Contact Form 7 plugin <= 3.1.23 versions. | ||||
| CVE-2022-47532 | 1 Filerun | 1 Filerun | 2024-11-21 | 9.8 Critical |
| FileRun 20220519 allows SQL Injection via the "dir" parameter in a /?module=users§ion=cpanel&page=list request. | ||||
| CVE-2022-47445 | 1 Web-x | 1 Be-popia-compliant | 2024-11-21 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Web-X Be POPIA Compliant be-popia-compliant allows SQL Injection.This issue affects Be POPIA Compliant: from n/a through 1.2.0. | ||||
| CVE-2022-47432 | 1 Kemalyazici | 1 Shortcode Imdb | 2024-11-21 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kemal YAZICI - PluginPress Shortcode IMDB allows SQL Injection.This issue affects Shortcode IMDB: from n/a through 6.0.8. | ||||
| CVE-2022-47430 | 1 Weblizar | 1 School Management - Education \& Learning Management | 2024-11-21 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Weblizar The School Management – Education & Learning Management allows SQL Injection.This issue affects The School Management – Education & Learning Management: from n/a through 4.1. | ||||
| CVE-2022-47428 | 1 Wpdevart | 1 Booking Calendar | 2024-11-21 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WpDevArt Booking calendar, Appointment Booking System allows SQL Injection.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.7. | ||||
| CVE-2022-47426 | 1 Neshan | 1 Neshan Maps | 2024-11-21 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Neshan Maps Platform Neshan Maps neshan-maps allows SQL Injection.This issue affects Neshan Maps: from n/a through 1.1.4. | ||||
| CVE-2022-47420 | 1 Adaplugin | 1 Accessibility Suite By Online Ada | 2024-11-21 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Online ADA Accessibility Suite by Online ADA allows SQL Injection.This issue affects Accessibility Suite by Online ADA: from n/a through 4.12. | ||||
| CVE-2022-46966 | 1 Revenue Collection System Project | 1 Revenue Collection System | 2024-11-21 | 9.8 Critical |
| Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php. | ||||
| CVE-2022-46860 | 1 Kaizencoders | 1 Short Url | 2024-11-21 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in KaizenCoders Short URL allows SQL Injection.This issue affects Short URL: from n/a through 1.6.4. | ||||
| CVE-2022-46859 | 1 Spiffyplugins | 1 Spiffy Calendar | 2024-11-21 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spiffy Plugins Spiffy Calendar spiffy-calendar allows SQL Injection.This issue affects Spiffy Calendar: from n/a through 4.9.1. | ||||