Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-08-02 CVE-2022-29807 SQL Injection vulnerability in Quest Kace Systems Management Appliance
A SQL injection vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.0 that can allow for remote code execution via download_agent_installer.php.
network
low complexity
quest CWE-89
critical
 9.8
9.8
2022-08-02 CVE-2022-34945 SQL Injection vulnerability in Pharmacy Management System Project Pharmacy Management System 1.0
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getproductreport.php.
network
low complexity
pharmacy-management-system-project CWE-89
critical
 9.8
9.8
2022-08-02 CVE-2022-34946 SQL Injection vulnerability in Pharmacy Management System Project Pharmacy Management System 1.0
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getexpproduct.php.
network
low complexity
pharmacy-management-system-project CWE-89
critical
 9.8
9.8
2022-08-02 CVE-2022-34947 SQL Injection vulnerability in Pharmacy Management System Project Pharmacy Management System 1.0
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editcategory.php.
network
low complexity
pharmacy-management-system-project CWE-89
critical
 9.8
9.8
2022-08-02 CVE-2022-34948 SQL Injection vulnerability in Pharmacy Management System Project Pharmacy Management System 1.0
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editbrand.php.
network
low complexity
pharmacy-management-system-project CWE-89
critical
 9.8
9.8
2022-08-02 CVE-2022-34949 SQL Injection vulnerability in Pharmacy Management System Project Pharmacy Management System 1.0
Pharmacy Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the email or password parameter at login.php.
network
low complexity
pharmacy-management-system-project CWE-89
critical
 9.8
9.8
2022-08-02 CVE-2022-34950 SQL Injection vulnerability in Pharmacy Management System Project Pharmacy Management System 1.0
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editproduct.php.
network
low complexity
pharmacy-management-system-project CWE-89
critical
 9.8
9.8
2022-08-02 CVE-2022-34951 SQL Injection vulnerability in PHPtpoint Pharmacy Management System 1.0
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getsalereport.php.
network
low complexity
phptpoint CWE-89
critical
 9.8
9.8
2022-08-02 CVE-2022-34952 SQL Injection vulnerability in PHPtpoint Pharmacy Management System 1.0
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at edituser.php.
network
low complexity
phptpoint CWE-89
critical
 9.8
9.8
2022-08-02 CVE-2022-34953 SQL Injection vulnerability in PHPtpoint Pharmacy Management System 1.0
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getOrderReport.php.
network
low complexity
phptpoint CWE-89
critical
 9.8
9.8