Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-06 | CVE-2022-40049 | SQL Injection vulnerability in Theme Park Ticketing System Project Theme Park Ticketing System 1.0 SQL injection vulnerability in sourcecodester Theme Park Ticketing System 1.0 allows remote attackers to view sensitive information via the id parameter to the /tpts/manage_user.php page. | 7.5 |
| 2023-01-05 | CVE-2022-47523 | SQL Injection vulnerability in Zohocorp Manageengine Password Manager PRO Zoho ManageEngine Access Manager Plus before 4309, Password Manager Pro before 12210, and PAM360 before 5801 are vulnerable to SQL Injection. | 9.8 |
| 2023-01-05 | CVE-2022-43519 | SQL Injection vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. | 8.8 |
| 2023-01-05 | CVE-2022-43520 | SQL Injection vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. | 8.8 |
| 2023-01-05 | CVE-2022-43521 | SQL Injection vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. | 8.8 |
| 2023-01-05 | CVE-2022-43522 | SQL Injection vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. | 8.8 |
| 2023-01-05 | CVE-2022-43523 | SQL Injection vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. | 8.8 |
| 2023-01-05 | CVE-2022-43530 | SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. | 8.8 |
| 2023-01-05 | CVE-2022-43531 | SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. | 8.8 |
| 2023-01-04 | CVE-2022-22338 | SQL Injection vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to SQL injection. | 9.8 |