Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-18 | CVE-2022-40766 | SQL Injection vulnerability in Moderncampus Omni CMS 10.2.4 Modern Campus Omni CMS (formerly OU Campus) 10.2.4 allows login-page SQL injection via a '" OR 1 = 1 -- - , <?php' substring. | 9.8 |
| 2022-09-16 | CVE-2022-40300 | SQL Injection vulnerability in Zohocorp Manageengine Password Manager PRO Zoho ManageEngine Password Manager Pro through 12120 before 12121, PAM360 through 5550 before 5600, and Access Manager Plus through 4304 before 4305 have multiple SQL injection vulnerabilities. | 9.8 |
| 2022-09-16 | CVE-2022-35193 | SQL Injection vulnerability in Testlink 1.9.20 TestLink v1.9.20 was discovered to contain a SQL injection vulnerability via /lib/execute/execNavigator.php. | 7.2 |
| 2022-09-16 | CVE-2022-38878 | SQL Injection vulnerability in School Activity Updates With SMS Notification Project School Activity Updates With SMS Notification 1.0 School Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/event/index.php?view=edit&id=. | 7.2 |
| 2022-09-16 | CVE-2022-38832 | SQL Injection vulnerability in School Activity Updates With SMS Notification Project School Activity Updates With SMS Notification 1.0 School Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/department/index.php?view=edit&id=. | 7.2 |
| 2022-09-16 | CVE-2022-38833 | SQL Injection vulnerability in School Activity Updates With SMS Notification Project School Activity Updates With SMS Notification 1.0 School Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/modstudent/index.php?view=view&id=. | 7.2 |
| 2022-09-16 | CVE-2022-38808 | SQL Injection vulnerability in Yimihome Ywoa 6.1 ywoa v6.1 is vulnerable to SQL Injection via backend/oa/visual/exportExcel.do interface. | 8.8 |
| 2022-09-16 | CVE-2022-26959 | SQL Injection vulnerability in Globalnorthstar Northstar Club Management 6.3 There are two full (read/write) Blind/Time-based SQL injection vulnerabilities in the Northstar Club Management version 6.3 application. | 9.8 |
| 2022-09-15 | CVE-2022-37201 | SQL Injection vulnerability in Jflyfox Jfinal CMS 5.1.0 JFinal CMS 5.1.0 is vulnerable to SQL Injection. | 8.8 |
| 2022-09-15 | CVE-2022-37207 | SQL Injection vulnerability in Jflyfox Jfinal CMS 5.1.0 JFinal CMS 5.1.0 is affected by: SQL Injection. | 8.8 |