CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2022(SQL Injection)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-45932 89 Sql 2022-11-27 2022-11-30
0.0
None ??? ??? ??? ??? ??? ???
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/RoleStore.java deleteRole function is affected when the API interface /auth/v1/roles/ is used.
2 CVE-2022-45931 89 Sql 2022-11-27 2022-11-30
0.0
None ??? ??? ??? ??? ??? ???
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/UserStore.java deleteUser function is affected when the API interface /auth/v1/users/ is used.
3 CVE-2022-45930 89 Sql 2022-11-27 2022-11-30
0.0
None ??? ??? ??? ??? ??? ???
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/DomainStore.java deleteDomain function is affected for the /auth/v1/domains/ API interface.
4 CVE-2022-45536 89 Sql 2022-11-22 2022-11-23
0.0
None ??? ??? ??? ??? ??? ???
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the id parameter at \admin\post_comments.php. This vulnerability allows attackers to access database information.
5 CVE-2022-45535 89 Sql 2022-11-22 2022-11-23
0.0
None ??? ??? ??? ??? ??? ???
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the edit parameter at \admin\categories.php. This vulnerability allows attackers to access database information.
6 CVE-2022-45529 89 Sql 2022-11-22 2022-11-23
0.0
None ??? ??? ??? ??? ??? ???
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the post_category_id parameter at \admin\includes\edit_post.php. This vulnerability allows attackers to access database information.
7 CVE-2022-45331 89 Sql 2022-11-22 2022-11-23
0.0
None ??? ??? ??? ??? ??? ???
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the p_id parameter at \post.php. This vulnerability allows attackers to access database information.
8 CVE-2022-45330 89 Sql 2022-11-22 2022-11-23
0.0
None ??? ??? ??? ??? ??? ???
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Category parameter at \category.php. This vulnerability allows attackers to access database information.
9 CVE-2022-45329 89 Sql 2022-11-29 2022-11-30
0.0
None ??? ??? ??? ??? ??? ???
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Search parameter. This vulnerability allows attackers to access database information.
10 CVE-2022-45328 89 Sql 2022-11-30 2022-12-01
0.0
None ??? ??? ??? ??? ??? ???
Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_members.php.
11 CVE-2022-45278 89 Sql 2022-11-23 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability via the /index.php/admins/Fields/get_fields.html component.
12 CVE-2022-45210 89 Sql 2022-11-25 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/deleteRecycleBin.
13 CVE-2022-45208 89 Sql 2022-11-25 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/putRecycleBin.
14 CVE-2022-45207 89 Sql 2022-11-25 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component updateNullByEmptyString.
15 CVE-2022-45206 89 Sql 2022-11-25 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/duplicate/check.
16 CVE-2022-45205 89 Sql 2022-11-25 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/dict/queryTableData.
17 CVE-2022-44945 Sql 2022-12-02 2022-12-02
0.0
None ??? ??? ??? ??? ??? ???
Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the heading_field_id parameter.
18 CVE-2022-44860 89 Sql 2022-11-25 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/transactions/update_status.php.
19 CVE-2022-44859 89 Sql 2022-11-25 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /asms/admin/products/manage_product.php.
20 CVE-2022-44858 89 Sql 2022-11-25 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /asms/products/view_product.php.
21 CVE-2022-44820 89 Sql 2022-11-18 2022-11-20
0.0
None ??? ??? ??? ??? ??? ???
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/?page=transactions/manage_transaction&id=.
22 CVE-2022-44785 89 Sql 2022-11-21 2022-11-23
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Appalti & Contratti 9.12.2. The target web applications are subject to multiple SQL Injection vulnerabilities, some of which executable even by unauthenticated users, as demonstrated by the GetListaEnti.do cfamm parameter.
23 CVE-2022-44727 89 Sql 2022-11-10 2022-11-15
0.0
None ??? ??? ??? ??? ??? ???
The EU Cookie Law GDPR (Banner + Blocker) module before 2.1.3 for PrestaShop allows SQL Injection via a cookie ( lgcookieslaw or __lglaw ).
24 CVE-2022-44415 89 Sql 2022-11-18 2022-11-20
0.0
None ??? ??? ??? ??? ??? ???
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/mechanics/view_mechanic.php?id=.
25 CVE-2022-44414 89 Sql 2022-11-18 2022-11-20
0.0
None ??? ??? ??? ??? ??? ???
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/services/manage_service.php?id=.
26 CVE-2022-44413 89 Sql 2022-11-18 2022-11-20
0.0
None ??? ??? ??? ??? ??? ???
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/mechanics/manage_mechanic.php?id=.
27 CVE-2022-44403 89 Sql 2022-11-17 2022-11-18
0.0
None ??? ??? ??? ??? ??? ???
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/?page=user/manage_user&id=.
28 CVE-2022-44402 89 Sql 2022-11-17 2022-11-18
0.0
None ??? ??? ??? ??? ??? ???
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_transaction.
29 CVE-2022-44399 89 Sql 2022-11-28 2022-12-01
0.0
None ??? ??? ??? ??? ??? ???
Poultry Farm Management System v1.0 contains a SQL injection vulnerability via the del parameter at /Redcock-Farm/farm/category.php.
30 CVE-2022-44379 89 Sql 2022-11-18 2022-11-21
0.0
None ??? ??? ??? ??? ??? ???
Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_service.
31 CVE-2022-44378 89 Sql 2022-11-18 2022-11-21
0.0
None ??? ??? ??? ??? ??? ???
Automotive Shop Management System v1.0 is vulnerable to SQL via /asms/classes/Master.php?f=delete_mechanic.
32 CVE-2022-44348 89 Sql 2022-12-02 2022-12-03
0.0
None ??? ??? ??? ??? ??? ???
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/orders/update_status.php?id=.
33 CVE-2022-44347 89 Sql 2022-12-02 2022-12-03
0.0
None ??? ??? ??? ??? ??? ???
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=inquiries/view_inquiry&id=.
34 CVE-2022-44345 89 Sql 2022-12-02 2022-12-03
0.0
None ??? ??? ??? ??? ??? ???
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=quotes/view_quote&id=.
35 CVE-2022-44296 89 Sql 2022-11-30 2022-12-01
0.0
None ??? ??? ??? ??? ??? ???
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/quotes/manage_remark.php?id=.
36 CVE-2022-44295 89 Sql 2022-11-30 2022-12-01
0.0
None ??? ??? ??? ??? ??? ???
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/orders/assign_team.php?id=.
37 CVE-2022-44294 89 Sql 2022-11-30 2022-12-01
0.0
None ??? ??? ??? ??? ??? ???
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=services/manage_service&id=.
38 CVE-2022-44291 Sql 2022-12-02 2022-12-02
0.0
None ??? ??? ??? ??? ??? ???
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php.
39 CVE-2022-44290 Sql 2022-12-02 2022-12-02
0.0
None ??? ??? ??? ??? ??? ???
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php.
40 CVE-2022-44278 89 Sql 2022-11-23 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=user/manage_user&id=.
41 CVE-2022-44277 89 Sql 2022-12-02 2022-12-03
0.0
None ??? ??? ??? ??? ??? ???
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/classes/Master.php?f=delete_product.
42 CVE-2022-44151 89 Sql 2022-11-30 2022-12-01
0.0
None ??? ??? ??? ??? ??? ???
Simple Inventory Management System v1.0 is vulnerable to SQL Injection via /ims/login.php.
43 CVE-2022-44140 89 Sql 2022-11-23 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability via the /Member/memberedit.html component.
44 CVE-2022-44139 89 Sql 2022-11-23 2022-11-26
0.0
None ??? ??? ??? ??? ??? ???
Apartment Visitor Management System v1.0 is vulnerable to SQL Injection via /avms/index.php.
45 CVE-2022-44120 89 Sql 2022-11-23 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
dedecmdv6 6.1.9 is vulnerable to SQL Injection. via sys_sql_query.php.
46 CVE-2022-44117 89 Sql 2022-11-23 2022-11-28
0.0
None ??? ??? ??? ??? ??? ???
Boa 0.94.14rc21 is vulnerable to SQL Injection via username.
47 CVE-2022-44003 89 Sql 2022-11-16 2022-11-20
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in BACKCLICK Professional 5.9.63. Due to insufficient escaping of user-supplied input, the application is vulnerable to SQL injection at various locations.
48 CVE-2022-43775 89 Exec Code Sql 2022-10-26 2022-10-28
0.0
None ??? ??? ??? ??? ??? ???
The HICT_Loop class in Delta Electronics DIAEnergy v1.9 contains a SQL Injection flaw that could allow an attacker to gain code execution on a remote system.
49 CVE-2022-43774 89 Exec Code Sql 2022-10-26 2022-10-28
0.0
None ??? ??? ??? ??? ??? ???
The HandlerPageP_KID class in Delta Electronics DIAEnergy v1.9 contains a SQL Injection flaw that could allow an attacker to gain code execution on a remote system.
50 CVE-2022-43709 89 Sql 2022-11-22 2022-11-22
0.0
None ??? ??? ??? ??? ??? ???
MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings.
Total number of vulnerabilities : 1695   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.