CWE-89

CVE-2022-40447

February 23, 2023 by godfreyd94

ZZCMS 2022 was discovered to contain a SQL injection vulnerability via the keyword parameter at /admin/baojia_list.php.

CVE-2022-40483

February 23, 2023 by godfreyd94

Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /wedding_details.php.

CVE-2022-40484

February 23, 2023 by godfreyd94

Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the booking parameter at /admin/client_edit.php.

CVE-2022-40485

February 23, 2023 by godfreyd94

Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /package_detail.php.

CVE-2022-4049

February 23, 2023 by godfreyd94

The WP User WordPress plugin through 7.0 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users.

CVE-2022-4050

February 23, 2023 by godfreyd94

The JoomSport WordPress plugin before 5.2.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users