Total
18012 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-22223 | 1 Phpjabbers | 1 Fundraising Script | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoad function.
|
|||||
| CVE-2020-22212 | 1 74cms | 1 74cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL Injection in 74cms 3.2.0 via the id parameter to wap/wap-company-show.php.
|
|||||
| CVE-2020-22211 | 1 74cms | 1 74cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php.
|
|||||
| CVE-2020-22210 | 1 74cms | 1 74cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL Injection in 74cms 3.2.0 via the x parameter to ajax_officebuilding.php.
|
|||||
| CVE-2020-22209 | 1 74cms | 1 74cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL Injection in 74cms 3.2.0 via the query parameter to plus/ajax_common.php.
|
|||||
| CVE-2020-22208 | 1 74cms | 1 74cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajax_street.php.
|
|||||
| CVE-2020-22206 | 1 Shopex | 1 Ecshop | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL Injection in ECShop 3.0 via the aid parameter to admin/affiliate_ck.php.
|
|||||
| CVE-2020-22205 | 1 Shopex | 1 Ecshop | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL Injection in ECShop 3.0 via the id parameter to admin/shophelp.php.
|
|||||
| CVE-2020-22204 | 1 Shopex | 1 Ecshop | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL Injection in ECShop 2.7.6 via the goods_number parameter to flow.php. .
|
|||||
| CVE-2020-22203 | 1 Phpcms | 1 Phpcms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php.
|
|||||
| CVE-2020-22199 | 1 Phpcms | 1 Phpcms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL Injection vulnerability in phpCMS 2007 SP6 build 0805 via the digg_mod parameter to digg_add.php.
|
|||||
| CVE-2020-22198 | 1 Dedecms | 1 Dedecms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL Injection vulnerability in DedeCMS 5.7 via mdescription parameter to member/ajax_membergroup.php.
|
|||||
| CVE-2020-22175 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\admin\betweendates-detailsreports.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22174 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\book-appointment.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22173 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\edit-profile.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22172 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doctor.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22171 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\registration.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22170 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doctor.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22169 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\appointment-history.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22168 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\change-emaild.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22166 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\forgot-password.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22165 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\user-login.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22164 | 1 Phpgurukul | 1 Hospital Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\check_availability.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
|
|||||
| CVE-2020-22122 | 1 Find A Place Ljcms Project | 1 Find A Place Ljcms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A SQL injection vulnerability in /oa.php?c=Staff&a=read of Find a Place LJCMS v 1.3 allows attackers to access sensitive database information via a crafted POST request.
|
|||||
| CVE-2020-21809 | 1 Nukeviet | 1 Nukeviet | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL Injection vulnerability in NukeViet CMS module Shops 4.0.29 and 4.3 via the (1) listid parameter in detail.php and the (2) group_price or groupid parameters in search_result.php.
|
|||||
| CVE-2020-21808 | 1 Nukeviet | 1 Nukeviet | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL Injection vulnerability in NukeViet CMS 4.0.10 - 4.3.07 via:the topicsid parameter in modules/news/admin/addtotopics.php.
|
|||||
| CVE-2020-21806 | 1 Ectouch | 1 Ectouch | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL Injection Vulnerability in ECTouch v2 via the shop page in index.php..
|
|||||
| CVE-2020-21726 | 1 Opensns | 1 Opensns | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the cid parameter.
|
|||||
| CVE-2020-21725 | 1 Opensns | 1 Opensns | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the pid parameter.
|
|||||
| CVE-2020-21667 | 1 Fastadmin-tp6 Project | 1 Fastadmin-tp6 | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
In fastadmin-tp6 v1.0, in the file app/admin/controller/Ajax.php the 'table' parameter passed is not filtered so a malicious parameter can be passed for SQL injection.
|
|||||
| CVE-2020-21665 | 1 Fastadmin | 1 Fastadmin | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
In fastadmin V1.0.0.20191212_beta, when a user with administrator rights has logged in, a malicious parameter can be passed for SQL injection in URL /admin/ajax/weigh.
|
|||||
| CVE-2020-21662 | 1 Yunyecms | 1 Yunyecms | 2024-11-21 | N/A | 9.8 CRITICAL |
|
SQL injection vulnerability in yunyecms 2.0.2 allows remote attackers to run arbitrary SQL commands via XFF.
|
|||||
| CVE-2020-21394 | 1 Crmeb | 1 Crmeb | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
SQL Injection vulnerability in Zhong Bang Technology Co., Ltd CRMEB mall system V2.60 and V3.1 via the tablename parameter in SystemDatabackup.php.
|
|||||
| CVE-2020-21378 | 1 Seacms | 1 Seacms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL injection vulnerability in SeaCMS 10.1 (2020.02.08) via the id parameter in an edit action to admin_members_group.php.
|
|||||
| CVE-2020-21377 | 1 Yunyecms | 1 Yunyecms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL injection vulnerability in yunyecms V2.0.1 via the selcart parameter.
|
|||||
| CVE-2020-21250 | 1 Cszcms | 1 Csz Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
CSZ CMS v1.2.4 was discovered to contain an arbitrary file upload vulnerability in the component /core/MY_Security.php.
|
|||||
| CVE-2020-21180 | 1 Koa2-blog Project | 1 Koa2-blog | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Sql injection vulnerability in koa2-blog 1.0.0 allows remote attackers to Injecting a malicious SQL statement via the name parameter to the signup page.
|
|||||
| CVE-2020-21179 | 1 Koa2-blog Project | 1 Koa2-blog | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Sql injection vulnerability in koa2-blog 1.0.0 allows remote attackers to Injecting a malicious SQL statement via the name parameter to the signin page.
|
|||||
| CVE-2020-21176 | 1 Thinkjs | 1 Thinkjs | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL injection vulnerability in the model.increment and model.decrement function in ThinkJS 3.2.10 allows remote attackers to execute arbitrary SQL commands via the step parameter.
|
|||||
| CVE-2020-21133 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
SQL Injection vulnerability in Metinfo 7.0.0 beta in member/getpassword.php?lang=cn&a=dovalid.
|
|||||