Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-08-16 CVE-2022-36242 SQL Injection vulnerability in Oretnom23 Clinic'S Patient Management System 1.0
Clinic's Patient Management System v1.0 is vulnerable to SQL Injection via /pms/update_medicine.php?id=.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2022-08-16 CVE-2022-36272 SQL Injection vulnerability in Mingsoft Mcms 5.2.8
Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter.
network
low complexity
mingsoft CWE-89
critical
 9.8
9.8
2022-08-16 CVE-2022-36599 SQL Injection vulnerability in Mingsoft Mcms 5.2.8
Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/model/delete URI via models Lists.
network
low complexity
mingsoft CWE-89
critical
 9.8
9.8
2022-08-12 CVE-2022-2801 SQL Injection vulnerability in Automated Beer Parlour Billing System Project Automated Beer Parlour Billing System
A vulnerability, which was classified as critical, was found in SourceCodester Automated Beer Parlour Billing System.
network
low complexity
automated-beer-parlour-billing-system-project CWE-89
critical
 9.8
9.8
2022-08-12 CVE-2022-20280 SQL Injection vulnerability in Google Android 13.0
In MMSProvider, there is a possible read of protected data due to improper input validationSQL injection.
local
low complexity
google CWE-89
3.3
3.3
2022-08-11 CVE-2022-2770 SQL Injection vulnerability in Simple Online Book Store System Project Simple Online Book Store System
A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Book Store System.
network
low complexity
simple-online-book-store-system-project CWE-89
critical
 9.8
9.8
2022-08-10 CVE-2022-36750 SQL Injection vulnerability in Oretnom23 Clinic'S Patient Management System 1.0
Clinic's Patient Management System v1.0 is vulnerable to SQL injection via /pms/update_user.php?id=.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2022-08-10 CVE-2022-38130 SQL Injection vulnerability in Keysight Sensor Management Server 2.4.0
The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip() method is used to restore the HSQLDB database used in SMS.
network
low complexity
keysight CWE-89
critical
 9.8
9.8
2022-08-08 CVE-2022-2698 SQL Injection vulnerability in Simple E-Learning System Project Simple E-Learning System
A vulnerability was found in SourceCodester Simple E-Learning System.
network
low complexity
simple-e-learning-system-project CWE-89
critical
 9.8
9.8
2022-08-08 CVE-2022-2706 SQL Injection vulnerability in Fabian Online Class and Exam Scheduling System 1.0
A vulnerability classified as critical has been found in SourceCodester Online Class and Exam Scheduling System 1.0.
network
low complexity
fabian CWE-89
critical
 9.8
9.8