Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-12-01 CVE-2022-3710 SQL Injection vulnerability in Sophos XG Firewall Firmware 17.0/17.5/18.0
A post-auth read-only SQL injection vulnerability allows API clients to read non-sensitive configuration database contents in the API controller of Sophos Firewall older than version 19.5 GA.
network
low complexity
sophos CWE-89
2.7
2022-12-01 CVE-2022-3711 SQL Injection vulnerability in Sophos XG Firewall Firmware 17.0/17.5/18.0
A post-auth read-only SQL injection vulnerability allows users to read non-sensitive configuration database contents in the User Portal of Sophos Firewall older than version 19.5 GA.
network
low complexity
sophos CWE-89
4.3
2022-11-30 CVE-2022-44294 SQL Injection vulnerability in Sanitization Management System Project Sanitization Management System 1.0
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=services/manage_service&id=.
7.2
2022-11-30 CVE-2022-44295 SQL Injection vulnerability in Sanitization Management System Project Sanitization Management System 1.0
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/orders/assign_team.php?id=.
7.2
2022-11-30 CVE-2022-44296 SQL Injection vulnerability in Sanitization Management System Project Sanitization Management System 1.0
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/quotes/manage_remark.php?id=.
7.2
2022-11-30 CVE-2022-44151 SQL Injection vulnerability in Sanitization Management System Project Sanitization Management System 1.0
Simple Inventory Management System v1.0 is vulnerable to SQL Injection via /ims/login.php.
network
low complexity
sanitization-management-system-project CWE-89
critical
9.8
2022-11-30 CVE-2022-4222 SQL Injection vulnerability in Canteen Management System Project Canteen Management System 1.0
A vulnerability was found in SourceCodester Canteen Management System.
network
low complexity
canteen-management-system-project CWE-89
critical
9.8
2022-11-30 CVE-2022-45328 SQL Injection vulnerability in Church Management System Project Church Management System 1.0
Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_members.php.
network
low complexity
church-management-system-project CWE-89
7.2
2022-11-29 CVE-2022-3751 SQL Injection vulnerability in Owncast Project Owncast
SQL Injection in GitHub repository owncast/owncast prior to 0.0.13.
network
low complexity
owncast-project CWE-89
critical
9.8
2022-11-29 CVE-2022-45329 SQL Injection vulnerability in Aerocms Project Aerocms 0.0.1
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Search parameter.
network
low complexity
aerocms-project CWE-89
7.5