Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-10-19 CVE-2022-43023 SQL Injection vulnerability in Opencats 0.9.6
OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the importID parameter in the Import viewerrors function.
network
low complexity
opencats CWE-89
6.5
6.5
2022-10-18 CVE-2022-42218 SQL Injection vulnerability in Open Source Sacco Management System Project Open Source Sacco Management System 1.0
Open Source SACCO Management System v1.0 vulnerable to SQL Injection via /sacco_shield/manage_loan.php. 		7.2
7.2
2022-10-18 CVE-2022-3579 SQL Injection vulnerability in Oretnom23 Cashier Queuing System 1.0
A vulnerability classified as critical was found in SourceCodester Cashier Queuing System 1.0.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2022-10-18 CVE-2022-3583 SQL Injection vulnerability in Canteen Management System Project Canteen Management System 1.0
A vulnerability was found in SourceCodester Canteen Management System 1.0.
network
low complexity
canteen-management-system-project CWE-89
critical
 9.8
9.8
2022-10-17 CVE-2022-3158 SQL Injection vulnerability in Rockwellautomation Factorytalk Vantagepoint
Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an input validation vulnerability.
network
low complexity
rockwellautomation CWE-89
8.8
8.8
2022-10-17 CVE-2022-42143 SQL Injection vulnerability in Open Source Sacco Management System Project Open Source Sacco Management System 1.0
Open Source SACCO Management System v1.0 is vulnerable to SQL Injection via /sacco_shield/manage_payment.php. 		7.2
7.2
2022-10-17 CVE-2022-41498 SQL Injection vulnerability in Billing System Project Billing System 1.0
Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/editbrand.php.
network
low complexity
billing-system-project CWE-89
7.2
7.2
2022-10-17 CVE-2022-42237 SQL Injection vulnerability in Merchandise Online Store Project Merchandise Online Store 1.0
A SQL Injection issue in Merchandise Online Store v.1.0 allows an attacker to log in to the admin account.
network
low complexity
merchandise-online-store-project CWE-89
critical
 9.8
9.8
2022-10-14 CVE-2022-41416 SQL Injection vulnerability in Online Tours & Travels Management System Project Online Tours & Travels Management System 1.0
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /user/update_booking.php. 		7.2
7.2
2022-10-14 CVE-2022-42232 SQL Injection vulnerability in Oretnom23 Simple Cold Storage Management System 1.0
Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/classes/Master.php?f=delete_storage.
network
low complexity
oretnom23 CWE-89
7.2
7.2