CWE-89 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (17605 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-36681	1 Simple Task Scheduling System Project	1 Simple Task Scheduling System	2024-11-21	9.8 Critical
Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_account.
CVE-2022-36680	1 Simple Task Scheduling System Project	1 Simple Task Scheduling System	2024-11-21	9.8 Critical
Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_schedule.
CVE-2022-36679	1 Simple Task Scheduling System Project	1 Simple Task Scheduling System	2024-11-21	9.8 Critical
Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=user/manage_user.
CVE-2022-36678	1 Simple Task Scheduling System Project	1 Simple Task Scheduling System	2024-11-21	9.8 Critical
Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_category.
CVE-2022-36676	1 Simple Task Scheduling System Project	1 Simple Task Scheduling System	2024-11-21	7.2 High
Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/view_category.php.
CVE-2022-36675	1 Simple Task Scheduling System Project	1 Simple Task Scheduling System	2024-11-21	7.2 High
Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /schedules/manage_schedule.php.
CVE-2022-36674	1 Simple Task Scheduling System Project	1 Simple Task Scheduling System	2024-11-21	7.2 High
Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /schedules/view_schedule.php.
CVE-2022-36669	1 Hospital Information System Project	1 Hospital Information System	2024-11-21	9.8 Critical
Hospital Information System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
CVE-2022-36636	1 Garage Management System Project	1 Garage Management System	2024-11-21	8.8 High
Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /print.php.
CVE-2022-36635	1 Zkteco	1 Zkbiosecurity V5000	2024-11-21	8.8 High
ZKteco ZKBioSecurity V5000 4.1.3 was discovered to contain a SQL injection vulnerability via the component /baseOpLog.do.
CVE-2022-36609	1 Oretnom23	1 Clinic\'s Patient Management System	2024-11-21	9.8 Critical
Clinic's Patient Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pms/update_patient.php.
CVE-2022-36606	1 Yimihome	1 Ywoa	2024-11-21	9.8 Critical
Ywoa before v6.1 was discovered to contain a SQL injection vulnerability via /oa/setup/checkPool?database.
CVE-2022-36605	1 Yimihome	1 Ywoa	2024-11-21	9.8 Critical
Yimioa v6.1 was discovered to contain a SQL injection vulnerability via the orderbyGET parameter.
CVE-2022-36599	1 Mingsoft	1 Mcms	2024-11-21	9.8 Critical
Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/model/delete URI via models Lists.
CVE-2022-36594	1 Mybatis	1 Mapper	2024-11-21	9.8 Critical
Mapper v4.0.0 to v4.2.0 was discovered to contain a SQL injection vulnerability via the ids parameter at the selectByIds function.
CVE-2022-36581	1 Online Ordering System Project	1 Online Ordering System	2024-11-21	7.5 High
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via the user_email parameter at /admin/login.php.
CVE-2022-36578	1 Jizhicms	1 Jizhicms	2024-11-21	9.8 Critical
jizhicms v2.3.1 has SQL injection in the background.
CVE-2022-36529	1 Kensite Cms Project	1 Kensite Cms	2024-11-21	8.8 High
Kensite CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities via the name and oldname parameters at /framework/mod/db/DBMapper.xml.
CVE-2022-36276	1 Tcman	1 Gim	2024-11-21	9.9 Critical
TCMAN GIM v8.0.1 is vulnerable to a SQL injection via the 'SqlWhere' parameter inside the function 'BuscarESM'. The exploitation of this vulnerability might allow a remote attacker to directly interact with the database.
CVE-2022-36272	1 Mingsoft	1 Mcms	2024-11-21	9.8 Critical
Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter.

« first previous Page 685 of 881. next last »