CWE-89

CVE-2022-25607

February 23, 2023 by godfreyd94

Authenticated (author or higher user role) SQL Injection (SQLi) vulnerability discovered in FV Flowplayer Video Player WordPress plugin (versions <= 7.5.15.727).

CVE-2022-25488

February 23, 2023 by godfreyd94

Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php.

CVE-2022-25490

February 23, 2023 by godfreyd94

HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in department.php.

CVE-2022-25491

February 23, 2023 by godfreyd94

HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in appointment.php.

CVE-2022-25492

February 23, 2023 by godfreyd94

HMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in ajaxmedicine.php.

CVE-2022-25494

February 23, 2023 by godfreyd94

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via staff_login.php.