Vendor CVEs
Codeastro
All CVEs
221 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-33057 | 0.00 | — | 0.01 | Jun 29, 2022 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_reservation. | |||
| CVE-2022-33056 | 0.00 | — | 0.01 | Jun 21, 2022 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/schedules/manage_schedule.php. | |||
| CVE-2022-33055 | 0.00 | — | 0.01 | Jun 21, 2022 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/trains/manage_train.php. | |||
| CVE-2022-33049 | 0.00 | — | 0.01 | Jun 21, 2022 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/?page=user/manage_user. | |||
| CVE-2022-33048 | 0.00 | — | 0.01 | Jun 21, 2022 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/reservations/view_details.php. | |||
| CVE-2021-44098 | 0.00 | — | 0.01 | May 31, 2022 | EGavilan Media Expense-Management-System 1.0 is vulnerable to SQL Injection via /expense_action.php. This allows a remote attacker to compromise Application SQL database. | |||
| CVE-2022-30819 | 0.00 | — | 0.01 | May 31, 2022 | In Wedding Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "photos_edit.php" file. | |||
| CVE-2022-30820 | 0.00 | — | 0.01 | May 31, 2022 | In Wedding Management v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "users_edit.php" file. | |||
| CVE-2022-30825 | 0.00 | — | 0.01 | May 31, 2022 | Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\client_edit.php. | |||
| CVE-2022-30826 | 0.00 | — | 0.01 | May 31, 2022 | Wedding Management System v1.0 is vulnerable to SQL Injection via admin\client_assign.php. | |||
| CVE-2022-30827 | 0.00 | — | 0.01 | May 31, 2022 | Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\package_edit.php. | |||
| CVE-2022-30828 | 0.00 | — | 0.01 | May 31, 2022 | Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\photos_edit.php. | |||
| CVE-2022-30830 | 0.00 | — | 0.01 | May 31, 2022 | Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\feature_edit.php. | |||
| CVE-2022-30831 | 0.00 | — | 0.01 | May 31, 2022 | Wedding Management System v1.0 is vulnerable to SQL Injection via Wedding-Management/wedding_details.php. | |||
| CVE-2022-30832 | 0.00 | — | 0.01 | May 31, 2022 | Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_assign.php?booking=31&user_id=. | |||
| CVE-2022-30833 | 0.00 | — | 0.01 | May 31, 2022 | Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_edit.php?booking=31&user_id=. | |||
| CVE-2022-30834 | 0.00 | — | 0.01 | May 31, 2022 | Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_manage_account_details.php?booking_id=31&user_id= | |||
| CVE-2022-30835 | 0.00 | — | 0.01 | May 31, 2022 | Wedding Management System v1.0 is vulnerable to SQL Injection. via /Wedding-Management/admin/budget.php?booking_id=. | |||
| CVE-2022-30836 | 0.00 | — | 0.01 | May 31, 2022 | Wedding Management System v1.0 is vulnerable to SQL Injection. via Wedding-Management/admin/select.php. | |||
| CVE-2021-44866 | 0.00 | — | 0.01 | Feb 3, 2022 | An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. The file about.php does not perform input validation on the 'id' paramter. An attacker can append SQL queries to the input to extract sensitive information from the database. | |||
| CVE-2020-35395 | 0.00 | — | 0.01 | Dec 15, 2020 | XSS in the Add Expense Component of EGavilan Media Expense Management System 1.0 allows an attacker to permanently store malicious JavaScript code via the 'description' field |
- CVE-2022-33057Jun 29, 2022risk 0.00cvss —epss 0.01
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_reservation.
- CVE-2022-33056Jun 21, 2022risk 0.00cvss —epss 0.01
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/schedules/manage_schedule.php.
- CVE-2022-33055Jun 21, 2022risk 0.00cvss —epss 0.01
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/trains/manage_train.php.
- CVE-2022-33049Jun 21, 2022risk 0.00cvss —epss 0.01
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/?page=user/manage_user.
- CVE-2022-33048Jun 21, 2022risk 0.00cvss —epss 0.01
Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /orrs/admin/reservations/view_details.php.
- CVE-2021-44098May 31, 2022risk 0.00cvss —epss 0.01
EGavilan Media Expense-Management-System 1.0 is vulnerable to SQL Injection via /expense_action.php. This allows a remote attacker to compromise Application SQL database.
- CVE-2022-30819May 31, 2022risk 0.00cvss —epss 0.01
In Wedding Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "photos_edit.php" file.
- CVE-2022-30820May 31, 2022risk 0.00cvss —epss 0.01
In Wedding Management v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "users_edit.php" file.
- CVE-2022-30825May 31, 2022risk 0.00cvss —epss 0.01
Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\client_edit.php.
- CVE-2022-30826May 31, 2022risk 0.00cvss —epss 0.01
Wedding Management System v1.0 is vulnerable to SQL Injection via admin\client_assign.php.
- CVE-2022-30827May 31, 2022risk 0.00cvss —epss 0.01
Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\package_edit.php.
- CVE-2022-30828May 31, 2022risk 0.00cvss —epss 0.01
Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\photos_edit.php.
- CVE-2022-30830May 31, 2022risk 0.00cvss —epss 0.01
Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\feature_edit.php.
- CVE-2022-30831May 31, 2022risk 0.00cvss —epss 0.01
Wedding Management System v1.0 is vulnerable to SQL Injection via Wedding-Management/wedding_details.php.
- CVE-2022-30832May 31, 2022risk 0.00cvss —epss 0.01
Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_assign.php?booking=31&user_id=.
- CVE-2022-30833May 31, 2022risk 0.00cvss —epss 0.01
Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_edit.php?booking=31&user_id=.
- CVE-2022-30834May 31, 2022risk 0.00cvss —epss 0.01
Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_manage_account_details.php?booking_id=31&user_id=
- CVE-2022-30835May 31, 2022risk 0.00cvss —epss 0.01
Wedding Management System v1.0 is vulnerable to SQL Injection. via /Wedding-Management/admin/budget.php?booking_id=.
- CVE-2022-30836May 31, 2022risk 0.00cvss —epss 0.01
Wedding Management System v1.0 is vulnerable to SQL Injection. via Wedding-Management/admin/select.php.
- CVE-2021-44866Feb 3, 2022risk 0.00cvss —epss 0.01
An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. The file about.php does not perform input validation on the 'id' paramter. An attacker can append SQL queries to the input to extract sensitive information from the database.
- CVE-2020-35395Dec 15, 2020risk 0.00cvss —epss 0.01
XSS in the Add Expense Component of EGavilan Media Expense Management System 1.0 allows an attacker to permanently store malicious JavaScript code via the 'description' field
Page 5 of 5