Security
Headlines
HeadlinesLatestCVEs

Tag

#sql

CVE-2022-29665: SQL injection vulnerability exists in Cscms music portal system v4.2 · Issue #19 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/topic/save.

CVE
Open in Source
#sql#vulnerability#web#windows#apple#js#java#php#chrome#webkit
CVE-2022-29666: SQL injection vulnerability exists in Cscms music portal system v4.2 · Issue #24 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan.

CVE-2022-29667: SQL injection vulnerability exists in Cscms music portal system v4.2 · Issue #26 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via /admin.php/pic/admin/pic/hy. This vulnerability is exploited via restoring deleted photos.

CVE-2022-29681: SQL injection vulnerability exists in Cscms music portal system v4.2 · Issue #35 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Links/del.

CVE-2022-29687: SQL injection vulnerability exists in Cscms music portal system v4.2 (Discovered by 星海Lab) · Issue #30 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/level_del.

CVE-2022-29721: SQL Injection vulnerability on 74cmsse · Issue #2 · PAINCLOWN/74cmsSE-Arbitrary-File-Reading

74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist.

CVE-2021-40317: [11.5.0]SQL Injection Vulnerability · Issue #1470 · Piwigo/Piwigo

Piwigo 11.5.0 is affected by a SQL injection vulnerability via admin.php and the id parameter.

CVE-2022-29650: Online Food Ordering System Unauthenticated Sql Injection - HackMD

Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the Search parameter at /online-food-order/food-search.php.

CVE-2022-1883: fix(db): possible sql injection on /search endpoint · camptocamp/terraboard@2a5dbaa

SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0.

CVE-2022-29359: School Club Application System in PHP/OOP Free Source Code

A stored cross-site scripting (XSS) vulnerability in /scas/?page=clubs/application_form&id=7 of School Club Application System v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter.