• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2022-25322

February 23, 2023 by godfreyd94

ZEROF Web Server 2.0 allows /HandleEvent SQL Injection.

CVE-2022-25222

February 23, 2023 by godfreyd94

Money Transfer Management System Version 1.0 allows an unauthenticated user to inject SQL queries in ‘admin/maintenance/manage_branch.php’ and ‘admin/maintenance/manage_fee.php’ via the ‘id’ parameter.

CVE-2022-25223

February 23, 2023 by godfreyd94

Money Transfer Management System Version 1.0 allows an authenticated user to inject SQL queries in ‘mtms/admin/?page=transaction/view_details’ via the ‘id’ parameter.

CVE-2022-25225

February 23, 2023 by godfreyd94

Network Olympus version 1.8.0 allows an authenticated admin user to inject SQL queries in ‘/api/eventinstance’ via the ‘sqlparameter’ JSON parameter. It is also possible to achieve remote code execution in the default installation (PostgreSQL) by exploiting this issue.

CVE-2022-25228

February 23, 2023 by godfreyd94

CandidATS Version 3.0.0 Beta allows an authenticated user to inject SQL queries in ‘/index.php?m=settings&a=show’ via the ‘userID’ parameter, in ‘/index.php?m=candidates&a=show’ via the ‘candidateID’, in ‘/index.php?m=joborders&a=show’ via the ‘jobOrderID’ and ‘/index.php?m=companies&a=show’ via the ‘companyID’ parameter

CVE-2022-25096

February 23, 2023 by godfreyd94

Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in /members/view_member.php.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 898
  • Go to page 899
  • Go to page 900
  • Go to page 901
  • Go to page 902
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE