Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-05-06 CVE-2020-19213 SQL Injection vulnerability in Piwigo 2.9.5
SQL Injection vulnerability in cat_move.php in piwigo v2.9.5, via the selection parameter to move_categories.
network
low complexity
piwigo CWE-89
critical
 9.8
9.8
2022-05-06 CVE-2020-19215 SQL Injection vulnerability in Piwigo 2.9.5
SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=user_perm.
network
low complexity
piwigo CWE-89
8.8
8.8
2022-05-06 CVE-2020-19216 SQL Injection vulnerability in Piwigo 2.9.5
SQL Injection vulnerability in admin/user_perm.php in piwigo v2.9.5, via the cat_false parameter to admin.php?page=group_perm.
network
low complexity
piwigo CWE-89
8.8
8.8
2022-05-06 CVE-2020-19217 SQL Injection vulnerability in Piwigo 2.9.5
SQL Injection vulnerability in admin/batch_manager.php in piwigo v2.9.5, via the filter_category parameter to admin.php?page=batch_manager.
network
low complexity
piwigo CWE-89
8.8
8.8
2022-05-05 CVE-2022-29535 SQL Injection vulnerability in Zohocorp Manageengine Opmanager
Zoho ManageEngine OPManager through 125588 allows SQL Injection via a few default reports.
network
low complexity
zohocorp CWE-89
critical
 9.8
9.8
2022-05-05 CVE-2022-27360 SQL Injection vulnerability in Bladex Springblade 3.2.0
SpringBlade v3.2.0 and below was discovered to contain a SQL injection vulnerability via the component customSqlSegment.
network
low complexity
bladex CWE-89
critical
 9.8
9.8
2022-05-05 CVE-2022-28079 SQL Injection vulnerability in College Management System Project College Management System 1.0
College Management System v1.0 was discovered to contain a SQL injection vulnerability via the course_code parameter.
network
low complexity
college-management-system-project CWE-89
8.8
8.8
2022-05-05 CVE-2022-28080 SQL Injection vulnerability in Event Management System Project Event Management System 1.0
Royal Event Management System v1.0 was discovered to contain a SQL injection vulnerability via the todate parameter.
network
low complexity
event-management-system-project CWE-89
8.8
8.8
2022-05-05 CVE-2022-28530 SQL Injection vulnerability in Covid-19 Directory on Vaccination System Project Covid-19 Directory on Vaccination System 1.0
Sourcecodester Covid-19 Directory on Vaccination System 1.0 is vulnerable to SQL Injection via cmdcategory. 		9.8
9.8
2022-05-05 CVE-2022-28533 SQL Injection vulnerability in Medical HUB Directory Site Project Medical HUB Directory Site 1.0
Sourcecodester Medical Hub Directory Site 1.0 is vulnerable to SQL Injection via /mhds/clinic/view_details.php.
network
low complexity
medical-hub-directory-site-project CWE-89
critical
 9.8
9.8