CWE-89

EQ v1.5.31 to v2.2.0 was discovered to contain a SQL injection vulnerability via the UserPwd parameter.

Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_members.php.

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Search parameter. This vulnerability allows attackers to access database information.

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Category parameter at category.php. This vulnerability allows attackers to access database information.

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the p_id parameter at post.php. This vulnerability allows attackers to access database information.

An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application accepts a user-controlled parameter that is used to create an SQL query. It causes this service to be prone to SQL injection.