Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by CWE-89
Angry Yack Logo
Total 18012 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-29981 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Users.php?f=delete.
CVE-2022-29980 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=user/manage_user&id=.
CVE-2022-29979 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_designation.
CVE-2022-29938 1 Librehealth 1 Librehealth Ehr 2024-11-21 6.5 MEDIUM 8.8 HIGH
In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameter payment_id in interface\billing\new_payment.php via interface\billing\payment_master.inc.php leads to SQL injection.
CVE-2022-29904 1 Mediawiki 1 Mediawiki 2024-11-21 7.5 HIGH 9.8 CRITICAL
The SemanticDrilldown extension for MediaWiki through 1.37.2 (before e688bdba6434591b5dff689a45e4d53459954773) allows SQL injection with certain '-' and '_' constraints.
CVE-2022-29822 1 Feathersjs 1 Feathers-sequelize 2024-11-21 N/A 10.0 CRITICAL
Due to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection
CVE-2022-29807 1 Quest 1 Kace Systems Management Appliance 2024-11-21 N/A 9.8 CRITICAL
A SQL injection vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.0 that can allow for remote code execution via download_agent_installer.php.
CVE-2022-29751 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_client.
CVE-2022-29750 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_service.
CVE-2022-29749 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_invoice.
CVE-2022-29748 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via \cms\admin?page=client/manage_client&id=.
CVE-2022-29747 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/manage_invoice&id= // Leak place ---> id.
CVE-2022-29746 1 Money Transfer Management System Project 1 Money Transfer Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/classes/Users.php?f=delete.
CVE-2022-29745 1 Money Transfer Management System Project 1 Money Transfer Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php?f=delete_transaction.
CVE-2022-29741 1 Money Transfer Management System Project 1 Money Transfer Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php?f=delete_fee.
CVE-2022-29739 1 Money Transfer Management System Project 1 Money Transfer Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=user/manage_user&id=.
CVE-2022-29738 1 Money Transfer Management System Project 1 Money Transfer Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=transaction/send&id=, id.
CVE-2022-29721 1 74cms 1 74cmsse 2024-11-21 5.0 MEDIUM 7.5 HIGH
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist.
CVE-2022-29709 1 Communilink 1 Clink Office 2024-11-21 N/A 7.5 HIGH
CommuniLink Internet Limited CLink Office v2.0 was discovered to contain multiple SQL injection vulnerabilities via the username and password parameters.
CVE-2022-29704 1 Browsbox 1 Brows Box 2024-11-21 7.5 HIGH 9.8 CRITICAL
BrowsBox CMS v4.0 was discovered to contain a SQL injection vulnerability.
CVE-2022-29689 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/del.
CVE-2022-29688 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/singer/hy.
CVE-2022-29687 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/level_del.
CVE-2022-29686 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/singer/admin/lists/zhuan.
CVE-2022-29685 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 8.8 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/User/level_sort.
CVE-2022-29684 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/js_del.
CVE-2022-29683 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/page_del.
CVE-2022-29682 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/vod/admin/topic/del.
CVE-2022-29681 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Links/del.
CVE-2022-29680 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/zu_del.
CVE-2022-29676 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan.
CVE-2022-29670 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/del.
CVE-2022-29669 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 8.8 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/lists/zhuan.
CVE-2022-29667 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 8.8 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via /admin.php/pic/admin/pic/hy. This vulnerability is exploited via restoring deleted photos.
CVE-2022-29666 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan.
CVE-2022-29665 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/topic/save.
CVE-2022-29664 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 8.8 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/pl_save.
CVE-2022-29663 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/hy.
CVE-2022-29662 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/news/save.
CVE-2022-29661 1 Chshcms 1 Cscms Music Portal System 2024-11-21 6.5 MEDIUM 7.2 HIGH
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/save.