High
CVE-2023-0254
The Simple Membership WP user Import plugin for WordPress is vulnerable to SQL Injection via the ‘orderby’ parameter in versions up to, and including, 1.7 due to insufficient escaping on the user sup…
Tag: SQL Injection
All CVEs associated with "SQL Injection". Page 86/175 • 20887 CVEs.
Subscribe CVEs: RSS for “SQL Injection” · RSS (High+Critical only)
About “SQL Injection”
A curated feed of “SQL Injection”-related CVEs appears below. We currently track 20887 CVEs for this tag (all time). In the last 365 days, 4048 were published. Average CVSS is 7.7 (all time; 7.3 over 365d), and 76% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE-20 - Improper Input Validation.
In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2023-01-12
Medium
CVE-2013-10011
A vulnerability was found in aeharding classroom-engagement-system and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to sql injection. The attac…
Medium
CVE-2023-0245
A vulnerability, which was classified as critical, has been found in SourceCodester Online Flight Booking Management System. This issue affects some unknown processing of the file add_contestant.php.…
Medium
CVE-2023-0244
A vulnerability classified as critical was found in TuziCMS 2.0.6. This vulnerability affects the function delall of the file \App\Manage\Controller\KefuController.class.php. The manipulation of the…
Medium
CVE-2023-0243
A vulnerability classified as critical has been found in TuziCMS 2.0.6. This affects the function index of the file App\Manage\Controller\ArticleController.class.php of the component Article Module.…
2023-01-11
Medium
CVE-2015-10039
A vulnerability was found in dobos domino. It has been rated as critical. Affected by this issue is some unknown functionality in the library src/Complex.Domino.Lib/Lib/EntityFactory.cs. The manipula…
Medium
CVE-2015-10038
A vulnerability was found in nym3r0s pplv2. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The patch is named 2…
Medium
CVE-2014-125076
A vulnerability was found in NoxxieNl Criminals. It has been classified as critical. Affected is an unknown function of the file ingame/roulette.php. The manipulation of the argument gambleMoney lead…
Medium
CVE-2014-125075
A vulnerability was found in gmail-servlet and classified as critical. This issue affects the function search of the file src/Model.java. The manipulation leads to sql injection. The identifier of th…
Medium
CVE-2022-40615
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add,…
Critical
CVE-2022-47864
Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeCategories.php.
Critical
CVE-2022-47862
Lead Management System v1.0 is vulnerable to SQL Injection via the customer_id parameter in ajax_represent.php.
Critical
CVE-2022-47861
Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeLead.php.
Critical
CVE-2022-47860
Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeProduct.php.
Critical
CVE-2022-47859
Lead Management System v1.0 is vulnerable to SQL Injection via the user_id parameter in changePassword.php.
Medium
CVE-2017-20168
A vulnerability was found in jfm-so piWallet. It has been rated as critical. Affected by this issue is some unknown functionality of the file api.php. The manipulation of the argument key leads to sq…
Medium
CVE-2014-125074
A vulnerability was found in Nayshlok Voyager. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file Voyager/src/models/DatabaseAccess.java. The man…
Critical
CVE-2022-47866
Lead management system v1.0 is vulnerable to SQL Injection via the id parameter in removeBrand.php.
Critical
CVE-2022-47865
Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeOrder.php.
Medium
CVE-2015-10037
A vulnerability, which was classified as critical, was found in ACI_Escola. This affects an unknown part. The manipulation leads to sql injection. The identifier of the patch is 34eed1f7b9295d1424912…
Medium
CVE-2015-10036
A vulnerability was found in kylebebak dronfelipe. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The patch is…
High
CVE-2023-22959
WebChess through 0.9.0 and 1.0.0.rc2 allows SQL injection: mainmenu.php, chess.php, and opponentspassword.php (txtFirstName, txtLastName).
2023-01-10
Medium
CVE-2022-45165
An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application accepts a user-controlled parameter that is used to create an SQL query. It causes this service to…
High
CVE-2022-38492
An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03. One parameter allows SQL injection. Version 2022.1.110.1.02 fixes the vulnerability.
Critical
CVE-2022-38490
An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03. Some parameters allow SQL injection. Version 2022.1.110.1.02 corrects this issue.
Medium
CVE-2014-125073
A vulnerability was found in mapoor voteapp. It has been rated as critical. Affected by this issue is the function create_poll/do_poll/show_poll/show_refresh of the file app.py. The manipulation lead…
Critical
CVE-2022-4422
Call Center System developed by Bulutses Information Technologies before version 3.0 has an unauthenticated Sql Injection vulnerability. This has been fixed in the version 3.0
Critical
CVE-2022-3792
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GullsEye GullsEye terminal operating system allows SQL Injection. This issue affects GullsEye te…
Critical
CVE-2023-0016
SAP BPC MS 10.0 - version 810, allows an unauthorized attacker to execute crafted database queries. The exploitation of this issue could lead to SQL injection vulnerability and could allow an attacke…
2023-01-09
Medium
CVE-2014-125072
A vulnerability classified as critical has been found in CherishSin klattr. This affects an unknown part. The manipulation leads to sql injection. The patch is named f8e4ecfbb83aef577011b0b4aebe96fb6…
Medium
CVE-2015-10035
A vulnerability was found in gperson angular-test-reporter and classified as critical. This issue affects the function getProjectTables/addTest of the file rest-server/data-server.js. The manipulatio…
Medium
CVE-2015-10034
A vulnerability has been found in j-nowak workout-organizer and classified as critical. This vulnerability affects unknown code. The manipulation leads to sql injection. The patch is identified as 13…
Critical
CVE-2022-47790
Sourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL Injection via /queuing/index.php?page=display&id=.
2023-01-08
Medium
CVE-2016-15016
A vulnerability was found in mrtnmtth joomla_mod_einsatz_stats up to 0.2. It has been classified as critical. This affects the function getStatsByType of the file helper.php. The manipulation of the…
Medium
CVE-2015-10031
A vulnerability classified as critical was found in purpleparrots 491-Project. This vulnerability affects unknown code of the file update.php of the component Highscore Handler. The manipulation lead…
Medium
CVE-2018-25072
A vulnerability classified as critical has been found in lojban jbovlaste. This affects an unknown part of the file dict/listing.html. The manipulation leads to sql injection. It is possible to initi…
Medium
CVE-2019-25100
A vulnerability was found in happyman twmap. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file twmap3/data/ajaxCRUD/pointdata2.php. The manipula…
Medium
CVE-2021-4308
A vulnerability was found in WebPA up to 3.1.1. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. Upgrading to version 3.1.2 is able…
Medium
CVE-2020-36648
A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The identifier of th…
Medium
CVE-2014-125067
A vulnerability classified as critical was found in corincerami curiosity. Affected by this vulnerability is an unknown functionality of the file app/controllers/image_controller.rb. The manipulation…
High
CVE-2007-10002
A vulnerability, which was classified as critical, has been found in web-cyradm. Affected by this issue is some unknown functionality of the file auth.inc.php. The manipulation of the argument login/…
2023-01-07
Medium
CVE-2022-2666
A vulnerability has been found in SourceCodester Loan Management System and classified as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument use…
Medium
CVE-2021-4301
A vulnerability was found in slackero phpwcms up to 1.9.26 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument $phpwcms['db_prepend'] le…
Medium
CVE-2014-125029
A vulnerability was found in ttskch PaginationServiceProvider up to 0.x. It has been declared as critical. This vulnerability affects unknown code of the file demo/index.php of the component demo. Th…
Medium
CVE-2016-15013
A vulnerability was found in ForumHulp searchresults. It has been rated as critical. Affected by this issue is the function list_keywords of the file event/listener.php. The manipulation of the argum…
Medium
CVE-2014-125065
A vulnerability, which was classified as critical, was found in john5223 bottle-auth. Affected is an unknown function. The manipulation leads to sql injection. The name of the patch is 99cfbcc0c14290…
Medium
CVE-2013-10009
A vulnerability was found in DrAzraelTod pyChao and classified as critical. Affected by this issue is the function klauen/lesen of the file mod_fun/__init__.py. The manipulation leads to sql injectio…
Medium
CVE-2020-36645
A vulnerability, which was classified as critical, was found in square squalor. This affects an unknown part. The manipulation leads to sql injection. Upgrading to version v0.0.0 is able to address t…
Medium
CVE-2014-125063
A vulnerability was found in ada-l0velace Bid and classified as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The identifier of the patch is abd71140b…
Medium
CVE-2014-125062
A vulnerability classified as critical was found in ananich bitstorm. Affected by this vulnerability is an unknown functionality of the file announce.php. The manipulation of the argument event leads…
Medium
CVE-2016-15012
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the f…
Medium
CVE-2015-10026
A vulnerability was found in tiredtyrant flairbot. It has been declared as critical. This vulnerability affects unknown code of the file flair.py. The manipulation leads to sql injection. The patch i…
Medium
CVE-2014-125061
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in peel filebroker and classified as critical. Affected by this issue is the function select_transfer_status_desc of the file lib/common.rb.…
Medium
CVE-2018-25071
A vulnerability was found in roxlukas LMeve up to 0.1.58. It has been rated as critical. Affected by this issue is the function insert_log of the file wwwroot/ccpwgl/proxy.php. The manipulation of th…
Medium
CVE-2015-10023
A vulnerability classified as critical has been found in Fumon trello-octometric. This affects the function main of the file metrics-ui/server/srv.go. The manipulation of the argument num leads to sq…
Medium
CVE-2015-10022
A vulnerability was found in IISH nlgis2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file scripts/etl/custom_import.pl. The manipulation leads…
Medium
CVE-2018-25070
A vulnerability has been found in polterguy Phosphorus Five up to 8.2 and classified as critical. This vulnerability affects the function csv.Read of the file plugins/extras/p5.mysql/NonQuery.cs of t…
Medium
CVE-2014-125058
A vulnerability was found in LearnMeSomeCodes project3 and classified as critical. This issue affects the function search_first_name of the file search.rb. The manipulation leads to sql injection. Th…
2023-01-06
Medium
CVE-2014-125053
A vulnerability was found in Piwigo-Guest-Book up to 1.3.0. It has been declared as critical. This vulnerability affects unknown code of the file include/guestbook.inc.php of the component Navigation…
Medium
CVE-2013-10008
A vulnerability was found in sheilazpy eShop. It has been classified as critical. Affected is an unknown function. The manipulation leads to sql injection. The name of the patch is e096c5849c4dc09e10…
Medium
CVE-2018-25067
A vulnerability, which was classified as critical, was found in JoomGallery up to 3.3.3. This affects an unknown part of the file administrator/components/com_joomgallery/views/config/tmpl/default.ph…
Medium
CVE-2014-125052
A vulnerability was found in JervenBolleman sparql-identifiers and classified as critical. This issue affects some unknown processing of the file src/main/java/org/identifiers/db/RegistryDao.java. Th…
Medium
CVE-2022-39072
There is a SQL injection vulnerability in Some ZTE Mobile Internet products. Due to insufficient validation of the input parameters of the SNTP interface, an authenticated attacker could use the vuln…
Medium
CVE-2014-125051
A vulnerability was found in himiklab yii2-jqgrid-widget up to 1.0.7. It has been declared as critical. This vulnerability affects the function addSearchOptionsRecursively of the file JqGridAction.ph…
Medium
CVE-2014-125050
A vulnerability was found in ScottTZhang voter-js and classified as critical. Affected by this issue is some unknown functionality of the file main.js. The manipulation leads to sql injection. The pa…
Medium
CVE-2015-10018
A vulnerability has been found in DBRisinajumi d2files and classified as critical. Affected by this vulnerability is the function actionUpload/actionDownloadFile of the file controllers/D2filesContro…
Medium
CVE-2014-125049
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in typcn Blogile. Affected is the function getNav of the file server.js. The manipulation of the argument…
Medium
CVE-2014-125047
A vulnerability classified as critical has been found in tbezman school-store. This affects an unknown part. The manipulation leads to sql injection. The identifier of the patch is 2957fc97054216d3a3…
Medium
CVE-2018-25066
A vulnerability was found in PeterMu nodebatis up to 2.1.x. It has been classified as critical. Affected is an unknown function. The manipulation leads to sql injection. Upgrading to version 2.2.0 is…
Medium
CVE-2015-10017
A vulnerability has been found in HPI-Information-Systems ProLOD and classified as critical. This vulnerability affects unknown code. The manipulation of the argument this leads to sql injection. The…
Medium
CVE-2015-10016
A vulnerability, which was classified as critical, has been found in jeff-kelley opensim-utils. Affected by this issue is the function DatabaseForRegion of the file regionscrits.php. The manipulation…
Medium
CVE-2014-125046
A vulnerability, which was classified as critical, was found in Seiji42 cub-scout-tracker. This affects an unknown part of the file databaseAccessFunctions.js. The manipulation leads to sql injection…
High
CVE-2022-40049
SQL injection vulnerability in sourcecodester Theme Park Ticketing System 1.0 allows remote attackers to view sensitive information via the id parameter to the /tpts/manage_user.php page.
2023-01-05
Medium
CVE-2014-125045
A vulnerability has been found in meol1 and classified as critical. Affected by this vulnerability is the function GetAnimal of the file opdracht4/index.php. The manipulation of the argument where le…
Medium
CVE-2017-20163
A vulnerability has been found in Red Snapper NView and classified as critical. This vulnerability affects the function mutate of the file src/Session.php. The manipulation of the argument session le…
Medium
CVE-2015-10015
A vulnerability, which was classified as critical, has been found in glidernet ogn-live. This issue affects some unknown processing. The manipulation leads to sql injection. The patch is named bc0f19…
Medium
CVE-2014-125041
A vulnerability classified as critical was found in Miccighel PR-CWT. This vulnerability affects unknown code. The manipulation leads to sql injection. The patch is identified as e412127d07004668e5a2…
Medium
CVE-2015-10014
A vulnerability classified as critical has been found in arekk uke. This affects an unknown part of the file lib/uke/finder.rb. The manipulation leads to sql injection. The identifier of the patch is…
Medium
CVE-2014-125040
A vulnerability was found in stevejagodzinski DevNewsAggregator. It has been rated as critical. Affected by this issue is the function getByName of the file php/data_access/RemoteHtmlContentDataAcces…
Low
CVE-2007-10001
A vulnerability classified as problematic has been found in web-cyradm. This affects an unknown part of the file search.php. The manipulation of the argument searchstring leads to sql injection. It i…
Critical
CVE-2022-47523
Zoho ManageEngine Access Manager Plus before 4309, Password Manager Pro before 12210, and PAM360 before 5801 are vulnerable to SQL Injection.
High
CVE-2022-43531
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager in…
High
CVE-2022-43530
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager in…
High
CVE-2022-43523
Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the A…
High
CVE-2022-43522
Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the A…
High
CVE-2022-43521
Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the A…
High
CVE-2022-43520
Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the A…
High
CVE-2022-43519
Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the A…
2023-01-04
Medium
CVE-2022-22338
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to v…
Medium
CVE-2010-10003
A vulnerability classified as critical was found in gesellix titlelink on Joomla. Affected by this vulnerability is an unknown functionality of the file plugin_content_title.php. The manipulation of…
2023-01-03
Critical
CVE-2022-38627
Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a SQL injection vulnerability via the idt parameter.
Medium
CVE-2022-4871
A vulnerability classified as problematic was found in ummmmm nflpick-em.com up to 2.2.x. This vulnerability affects the function _Load_Users of the file html/includes/runtime/admin/JSON/LoadUsers.ph…
2023-01-02
High
CVE-2022-4373
The Quote-O-Matic WordPress plugin through 1.0.5 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users s…
High
CVE-2022-4372
The Web Invoice WordPress plugin through 2.1.3 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users suc…
High
CVE-2022-4371
The Web Invoice WordPress plugin through 2.1.3 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users suc…
High
CVE-2022-4370
The multimedial images WordPress plugin through 1.0b does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role…
High
CVE-2022-4360
The WP RSS By Publishers WordPress plugin through 0.1 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege us…
High
CVE-2022-4359
The WP RSS By Publishers WordPress plugin through 0.1 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege us…
High
CVE-2022-4358
The WP RSS By Publishers WordPress plugin through 0.1 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege us…
Critical
CVE-2022-4357
The LetsRecover WordPress plugin before 1.2.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a…
High
CVE-2022-4356
The LetsRecover WordPress plugin before 1.2.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such…
High
CVE-2022-4355
The LetsRecover WordPress plugin before 1.2.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such…
High
CVE-2022-4352
The Qe SEO Handyman WordPress plugin through 1.0 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users s…
High
CVE-2022-4351
The Qe SEO Handyman WordPress plugin through 1.0 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users s…
Critical
CVE-2022-4297
The WP AutoComplete Search WordPress plugin through 1.0.4 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX available to unauthenticated users, leading to an una…
Critical
CVE-2022-4099
The Joy Of Text Lite WordPress plugin before 2.3.1 does not properly sanitise and escape some parameters before using them in SQL statements accessible to unauthenticated users, leading to unauthenti…
Critical
CVE-2022-4059
The Cryptocurrency Widgets Pack WordPress plugin before 2.0 does not sanitise and escape some parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leadi…
Critical
CVE-2022-4049
The WP User WordPress plugin through 7.0 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users.
High
CVE-2022-3860
The Visual Email Designer for WooCommerce WordPress plugin before 1.7.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by…
Critical
CVE-2022-3241
The Build App Online WordPress plugin before 1.0.19 does not properly sanitise and escape some parameters before using them in a SQL statement via an AJAX action available to unauthenticated users, l…
Medium
CVE-2014-125038
A vulnerability has been found in IS_Projecto2 and classified as critical. This vulnerability affects unknown code of the file Cnn-EJB/ejbModule/ejbs/NewsBean.java. The manipulation of the argument d…
Medium
CVE-2014-125037
A vulnerability, which was classified as critical, was found in License to Kill. This affects an unknown part of the file models/injury.rb. The manipulation of the argument name leads to sql injectio…
Medium
CVE-2015-10008
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in 82Flex WEIPDCRM. It has been classified as critical. This affects an unknown part. The manipulation leads to sql injection. It is possible…
Medium
CVE-2021-4298
A vulnerability classified as critical has been found in Hesburgh Libraries of Notre Dame Sipity. This affects the function SearchCriteriaForWorksParameter of the file app/parameters/sipity/parameter…
Medium
CVE-2014-125032
A vulnerability was found in porpeeranut go-with-me. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file module/frontend/add.php. The manipulation…
2022-12-30
Medium
CVE-2022-4860
A vulnerability was found in KBase Metrics. It has been classified as critical. This affects the function upload_user_data of the file source/daily_cron_jobs/methods_upload_user_stats.py. The manipul…
High
CVE-2022-4855
A vulnerability, which was classified as critical, was found in SourceCodester Lead Management System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument user…
High
CVE-2022-44137
SourceCodester Sanitization Management System 1.0 is vulnerable to SQL Injection.
2022-12-28
Medium
CVE-2018-25057
A vulnerability was found in simple_php_link_shortener. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument $link["id"] leads t…
Medium
CVE-2017-20150
A vulnerability was found in challenge website. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The name of the patch is f1644b1d35…