Security
Headlines
HeadlinesLatestCVEs

Tag

#sql

CVE-2022-44278: bug_report/SQLi-1.md at main · Onetpaer/bug_report

Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=user/manage_user&id=.

CVE
#sql#vulnerability#windows#php#auth#firefox
CVE-2022-44139: bug_report/SQLi-1.md at main · 375978342/bug_report

Apartment Visitor Management System v1.0 is vulnerable to SQL Injection via /avms/index.php.

CVE-2022-42896: 🐧🕺

There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://www.google.com/url https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://www.google.com/url

CVE-2022-42895: 🐧🕺

There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e https://www.google.com/url

CVE-2022-43213: CVE/CVE-2022-43213(sql in editorder.php).md at main · Qrayyy/CVE

Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editorder.php.

CVE-2022-45535: AeroCMS-v0.0.1-SQLi update_categories_sql_injection

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the edit parameter at \admin\categories.php. This vulnerability allows attackers to access database information.

CVE-2022-45529

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the post_category_id parameter at \admin\includes\edit_post.php. This vulnerability allows attackers to access database information.

CVE-2022-45331: CVE/post_sql_injection.md at master · rdyx0/CVE

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the p_id parameter at \post.php. This vulnerability allows attackers to access database information.

CVE-2022-45330

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Category parameter at \category.php. This vulnerability allows attackers to access database information.

CVE-2022-45536: CVE/post_comments_sql_injection.md at master · rdyx0/CVE

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the id parameter at \admin\post_comments.php. This vulnerability allows attackers to access database information.