Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-11-22 CVE-2022-45330 SQL Injection vulnerability in Aerocms Project Aerocms 0.0.1
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Category parameter at \category.php.
network
low complexity
aerocms-project CWE-89
7.5
7.5
2022-11-22 CVE-2022-45331 SQL Injection vulnerability in Aerocms Project Aerocms 0.0.1
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the p_id parameter at \post.php.
network
low complexity
aerocms-project CWE-89
7.5
7.5
2022-11-22 CVE-2022-45529 SQL Injection vulnerability in Aerocms Project Aerocms 0.0.1
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the post_category_id parameter at \admin\includes\edit_post.php.
network
low complexity
aerocms-project CWE-89
4.9
4.9
2022-11-22 CVE-2022-45535 SQL Injection vulnerability in Aerocms Project Aerocms 0.0.1
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the edit parameter at \admin\categories.php.
network
low complexity
aerocms-project CWE-89
4.9
4.9
2022-11-22 CVE-2022-45536 SQL Injection vulnerability in Aerocms Project Aerocms 0.0.1
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the id parameter at \admin\post_comments.php.
network
low complexity
aerocms-project CWE-89
4.9
4.9
2022-11-22 CVE-2022-43212 SQL Injection vulnerability in Billing System Project Billing System Project 1.0
Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the orderId parameter at fetchOrderData.php.
network
low complexity
billing-system-project-project-project CWE-89
critical
 9.8
9.8
2022-11-22 CVE-2022-39066 SQL Injection vulnerability in ZTE Mf286R Firmware Crlvwrgbmf286Rv1.0.0B04
There is a SQL injection vulnerability in ZTE MF286R.
network
low complexity
zte CWE-89
8.8
8.8
2022-11-22 CVE-2022-42098 SQL Injection vulnerability in Klik-Socialmediawebsite Project Klik-Socialmediawebsite 1.0.1
KLiK SocialMediaWebsite version v1.0.1 is vulnerable to SQL Injection via the profile.php.
network
low complexity
klik-socialmediawebsite-project CWE-89
8.8
8.8
2022-11-22 CVE-2022-43214 SQL Injection vulnerability in Billing System Project Billing System 1.0
Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the orderId parameter at printOrder.php.
network
low complexity
billing-system-project CWE-89
critical
 9.8
9.8
2022-11-22 CVE-2022-43215 SQL Injection vulnerability in Billing System Project Billing System 1.0
Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the endDate parameter at getOrderReport.php.
network
low complexity
billing-system-project CWE-89
critical
 9.8
9.8