Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-18 | CVE-2022-44415 | SQL Injection vulnerability in Automotive Shop Management System Project Automotive Shop Management System 1.0 Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/mechanics/view_mechanic.php?id=. | 7.2 |
| 2022-11-18 | CVE-2022-44820 | SQL Injection vulnerability in Automotive Shop Management System Project Automotive Shop Management System 1.0 Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/?page=transactions/manage_transaction&id=. | 7.2 |
| 2022-11-18 | CVE-2022-44378 | SQL Injection vulnerability in Automotive Shop Management System Project Automotive Shop Management System 1.0 Automotive Shop Management System v1.0 is vulnerable to SQL via /asms/classes/Master.php?f=delete_mechanic. | 7.2 |
| 2022-11-18 | CVE-2022-44379 | SQL Injection vulnerability in Automotive Shop Management System Project Automotive Shop Management System 1.0 Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_service. | 7.2 |
| 2022-11-17 | CVE-2022-39179 | SQL Injection vulnerability in College Management System Project College Management System 1.0 College Management System v1.0 - Authenticated remote code execution. An admin user (the authentication can be bypassed using SQL Injection that mentioned in my other report) can upload .php file that contains malicious code via student.php file. | 7.2 |
| 2022-11-17 | CVE-2022-41775 | SQL Injection vulnerability in Deltaww Diaenergie SQL Injection in Handler_CFG.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network | 8.8 |
| 2022-11-17 | CVE-2022-43447 | SQL Injection vulnerability in Deltaww Diaenergie SQL Injection in AM_EBillAnalysis.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network | 8.8 |
| 2022-11-17 | CVE-2022-43452 | SQL Injection vulnerability in Deltaww Diaenergie SQL Injection in FtyInfoSetting.aspx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network | 8.8 |
| 2022-11-17 | CVE-2022-43457 | SQL Injection vulnerability in Deltaww Diaenergie SQL Injection in HandlerPage_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network | 8.8 |
| 2022-11-17 | CVE-2022-43506 | SQL Injection vulnerability in Deltaww Diaenergie SQL Injection in HandlerTag_KID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network | 8.8 |