Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-05-11 CVE-2022-30047 SQL Injection vulnerability in Mingsoft Mcms 5.2.7
Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability in the /mdiy/dict/listExcludeApp URI via the orderBy parameter.
network
low complexity
mingsoft CWE-89
critical
9.8
2022-05-11 CVE-2022-30048 SQL Injection vulnerability in Mingsoft Mcms 5.2.7
Mingsoft MCMS 5.2.7 was discovered to contain a SQL injection vulnerability in the /mdiy/dict/list URI via the orderBy parameter.
network
low complexity
mingsoft CWE-89
critical
9.8
2022-05-11 CVE-2022-30452 SQL Injection vulnerability in Shopwind
ShopWind <= v3.4.2 has a SQL injection vulnerability in Database.php.
network
low complexity
shopwind CWE-89
7.2
2022-05-11 CVE-2022-29006 SQL Injection vulnerability in PHPgurukul Directory Management System 1.0
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allow attackers to bypass authentication.
network
low complexity
phpgurukul CWE-89
critical
9.8
2022-05-11 CVE-2022-29007 SQL Injection vulnerability in PHPgurukul Dairy Farm Shop Management System 1.0
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Dairy Farm Shop Management System v1.0 allow attackers to bypass authentication.
network
low complexity
phpgurukul CWE-89
critical
9.8
2022-05-11 CVE-2022-29009 SQL Injection vulnerability in PHPgurukul Cyber Cafe Management System 1.0
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allow attackers to bypass authentication.
network
low complexity
phpgurukul CWE-89
critical
9.8
2022-05-11 CVE-2022-29316 SQL Injection vulnerability in Complete Online JOB Search System Project Complete Online JOB Search System 1.0
Complete Online Job Search System v1.0 was discovered to contain a SQL injection vulnerability via /eris/index.php?q=result&searchfor=advancesearch.
network
low complexity
complete-online-job-search-system-project CWE-89
critical
9.8
2022-05-11 CVE-2022-29317 SQL Injection vulnerability in Simple BUS Ticket Booking System Project Simple BUS Ticket Booking System 1.0
Simple Bus Ticket Booking System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the username and password parameters at /assets/partials/_handleLogin.php.
network
low complexity
simple-bus-ticket-booking-system-project CWE-89
critical
9.8
2022-05-11 CVE-2022-29656 SQL Injection vulnerability in Wedding Management System Project Wedding Management System 1.0
Wedding Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Wedding-Management/package_detail.php.
network
low complexity
wedding-management-system-project CWE-89
critical
9.8
2022-05-11 CVE-2022-26116 SQL Injection vulnerability in Fortinet Fortinac
Multiple improper neutralization of special elements used in SQL commands ('SQL Injection') vulnerabilities [CWE-89] in FortiNAC versions 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.2 and below may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted string parameters.
network
low complexity
fortinet CWE-89
8.8