Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-30 | CVE-2022-35156 | SQL Injection vulnerability in PHPgurukul BUS Pass Management System 1.0 Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at /buspassms/download-pass.php.. | 9.8 |
| 2022-09-30 | CVE-2022-40943 | SQL Injection vulnerability in PHPgurukul Dairy Farm Shop Management System 1.0 Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via bwdate-report-ds.php file. | 9.8 |
| 2022-09-30 | CVE-2022-40944 | SQL Injection vulnerability in PHPgurukul Dairy Farm Shop Management System 1.0 Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via sales-report-ds.php file. | 9.8 |
| 2022-09-30 | CVE-2022-36961 | SQL Injection vulnerability in Solarwinds Orion Platform A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution. | 8.8 |
| 2022-09-30 | CVE-2022-40315 | SQL Injection vulnerability in multiple products A limited SQL injection risk was identified in the "browse list of users" site administration page. | 9.8 |
| 2022-09-30 | CVE-2022-41439 | SQL Injection vulnerability in Billing System Project Billing System Project 1.0 Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/edituser.php. | 7.2 |
| 2022-09-30 | CVE-2022-41440 | SQL Injection vulnerability in Billing System Project Billing System Project 1.0 Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/editcategory.php. | 7.2 |
| 2022-09-29 | CVE-2022-33880 | SQL Injection vulnerability in Hospital Management System Mini-Project Project Hospital Management System Mini-Project hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter. | 9.8 |
| 2022-09-29 | CVE-2022-40887 | SQL Injection vulnerability in Best Student Result Management System Project Best Student Result Management System 1.0 SourceCodester Best Student Result Management System 1.0 is vulnerable to SQL Injection. | 9.8 |
| 2022-09-29 | CVE-2020-15333 | SQL Injection vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows attackers to discover accounts via MySQL "select * from Administrator_users" and "select * from Users_users" requests. | 5.3 |