Data Manipulation

Online Tours and Travels Management System SQL injection | CVE-2023-0324

January 18, 2023

NAME__________Online Tours and Travels Management System SQL injectionPlatforms Affected:Risk Level:7.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Online Tours & Travels Management System is vulnerable to...

Lead Management System SQL injection | CVE-2022-47859

January 17, 2023

NAME__________Lead Management System SQL injectionPlatforms Affected:SourceCodester Lead management system 1.0Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Lead Management System is vulnerable to SQL injection....

SAP Business Planning and Consolidation MS SQL injection | CVE-2023-0016

January 11, 2023

NAME__________SAP Business Planning and Consolidation MS SQL injectionPlatforms Affected:SAP Business Planning and Consolidation MS 10.0Risk Level:9.9Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________SAP Business Planning...

Hitachi Energy FOXMAN-UN and UNEM weak security | CVE-2022-3927

January 6, 2023

NAME__________Hitachi Energy FOXMAN-UN and UNEM weak securityPlatforms Affected:Hitachi Energy FOXMAN-UN R16A Hitachi Energy FOXMAN-UN R15B Hitachi Energy FOXMAN-UN R15A Hitachi...

Aruba Networks ClearPass Policy Manager SQL injection | CVE-2022-43530

December 8, 2022

NAME Aruba Networks ClearPass Policy Manager SQL injection Platforms Affected:Aruba Networks ClearPass Policy Manager 6.9 Aruba Networks ClearPass Policy Manager...

Advanced Booking Calendar plugin for WordPress SQL injection | CVE-2022-45822

December 6, 2022

NAME Advanced Booking Calendar plugin for WordPress SQL injection Platforms Affected:Risk Level:10Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION Advanced Booking Calendar plugin for WordPress...

Train Scheduler App cross-site scripting | CVE-2022-43079

November 15, 2022

NAME Train Scheduler App cross-site scripting Platforms Affected:Risk Level:7.2Exploitability:HighConsequences:Data Manipulation DESCRIPTION Train Scheduler App is vulnerable to cross-site scripting, caused...

D-Link DIR-878 command execution | CVE-2022-43184

November 5, 2022

NAME D-Link DIR-878 command execution Platforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION D-Link DIR-878 could allow a remote attacker to execute arbitrary...

Rukovoditel SQL injection | CVE-2022-43168

November 5, 2022

NAME Rukovoditel SQL injection Platforms Affected:Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Rukovoditel is vulnerable to SQL injection. A remote attacker could send...

Canteen Management System SQL injection | CVE-2022-43232

November 4, 2022

NAME Canteen Management System SQL injection Platforms Affected:Risk Level:7.2Exploitability:HighConsequences:Data Manipulation DESCRIPTION Canteen Management System is vulnerable to SQL injection. A...

Sanitization Management System SQL injection | CVE-2022-43355

November 3, 2022

NAME Sanitization Management System SQL injection Platforms Affected:Risk Level:7.2Exploitability:HighConsequences:Data Manipulation DESCRIPTION Sanitization Management System is vulnerable to SQL injection. A...

Rockwell Automation FactoryTalk VantagePoint SQL injection | CVE-2022-3158

October 7, 2022

NAME Rockwell Automation FactoryTalk VantagePoint SQL injection Platforms Affected:Rockwell Automation FactoryTalk VantagePoint 8.00.00 Rockwell Automation FactoryTalk VantagePoint 8.30.00Risk Level:9.9Exploitability:UnprovenConsequences:Data Manipulation...

Sourcecodester Best Student Result Management System SQL injection | CVE-2022-40887

October 1, 2022

NAME Sourcecodester Best Student Result Management System SQL injection Platforms Affected:Sourcecodester Best Student Result Management System 1.0Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION...

SolarWinds Orion Platform privilege escalation | CVE-2022-36961

October 1, 2022

NAME SolarWinds Orion Platform privilege escalation Platforms Affected:SolarWinds Orion Platform 2022.2Risk Level:8Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION SolarWinds Orion Platform could allow a...

Advantech iView SQL injection | CVE-2022-3323

September 30, 2022

NAME Advantech iView SQL injection Platforms Affected:Advantech iView 5.7.04.6469Risk Level:9.8Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION Advantech iView is vulnerable to SQL injection. A...

Carlo Gavazzi UWP and CPY Car Park Server SQL Injection | CVE-2022-22524

September 30, 2022

NAME Carlo Gavazzi UWP and CPY Car Park Server SQL Injection Platforms Affected:Carlo Gavazzi UWP 3.0 Carlo Gavazzi CPY Car...

Online Diagnostic Lab Management System SQL injection |

September 29, 2022

NAME Online Diagnostic Lab Management System SQL injection Platforms Affected:Sourcecodester Online Diagnostic Lab Management System 1.0Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Online...

VIAVIWEB Wallpaper Admin SQL injection |

September 22, 2022

NAME VIAVIWEB Wallpaper Admin SQL injection Platforms Affected:VIAVIWEB Wallpaper AdminRisk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION VIAVIWEB Wallpaper Admin is vulnerable to SQL...

VIAVIWEB Wallpaper Admin file upload |

September 22, 2022

NAME VIAVIWEB Wallpaper Admin file upload Platforms Affected:VIAVIWEB Wallpaper AdminRisk Level:9.8Exploitability:Proof of ConceptConsequences:Data Manipulation DESCRIPTION VIAVIWEB Wallpaper Admin could allow...

GLPI SQL injection | CVE-2022-35947

September 16, 2022

NAME GLPI SQL injection Platforms Affected:GLPI GLPI 10.0.0 GLPI GLPI 9.1Risk Level:10Exploitability:HighConsequences:Data Manipulation DESCRIPTION GLPI is vulnerable to SQL injection....

Sourcecodester Simple Task Managing System SQL injection | CVE-2022-3013

September 1, 2022

NAME Sourcecodester Simple Task Managing System SQL injection Platforms Affected:Sourcecodester Simple Task Managing System 1.0Risk Level:9.8Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION Sourcecodester Simple...

WordPress Core Link SQL injection |

September 1, 2022

NAME WordPress Core Link SQL injection Platforms Affected:WordPress WordPress 2.0.9 WordPress WordPress 2.0.11 WordPress WordPress 2.3.2 WordPress WordPress 2.3.3 WordPress...

Hgiga OAKlouds Portal website SQL injection | CVE-2022-38118

September 1, 2022

NAME Hgiga OAKlouds Portal website SQL injection Platforms Affected:HGiga OAKlouds Portal 3.0-2 HGiga OAKlouds Portal 2.0-2Risk Level:8.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Hgiga...

Exment SQL Injection | CVE-2022-37333

August 26, 2022

NAME Exment SQL Injection Platforms Affected:Exment Exment 5.0.2Risk Level:8.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Exment is vulnerable to SQL injection. A remote attacker...

Data Manipulation

Online Tours and Travels Management System SQL injection | CVE-2023-0324

Lead Management System SQL injection | CVE-2022-47859

SAP Business Planning and Consolidation MS SQL injection | CVE-2023-0016

Hitachi Energy FOXMAN-UN and UNEM weak security | CVE-2022-3927

Aruba Networks ClearPass Policy Manager SQL injection | CVE-2022-43530

Advanced Booking Calendar plugin for WordPress SQL injection | CVE-2022-45822

Train Scheduler App cross-site scripting | CVE-2022-43079

D-Link DIR-878 command execution | CVE-2022-43184

Rukovoditel SQL injection | CVE-2022-43168

Canteen Management System SQL injection | CVE-2022-43232

Sanitization Management System SQL injection | CVE-2022-43355

Rockwell Automation FactoryTalk VantagePoint SQL injection | CVE-2022-3158

Sourcecodester Best Student Result Management System SQL injection | CVE-2022-40887

SolarWinds Orion Platform privilege escalation | CVE-2022-36961

Advantech iView SQL injection | CVE-2022-3323

Carlo Gavazzi UWP and CPY Car Park Server SQL Injection | CVE-2022-22524

Online Diagnostic Lab Management System SQL injection |

VIAVIWEB Wallpaper Admin SQL injection |

VIAVIWEB Wallpaper Admin file upload |

GLPI SQL injection | CVE-2022-35947

Sourcecodester Simple Task Managing System SQL injection | CVE-2022-3013

WordPress Core Link SQL injection |

Hgiga OAKlouds Portal website SQL injection | CVE-2022-38118

Exment SQL Injection | CVE-2022-37333

[EVEREST] – Ransomware Victim: Arctrade

[EVEREST] – Ransomware Victim: MCNA Dental

CISA: Avoid Scams After Disaster Strikes

CISA: Adobe Releases Security Updates for Multiple Products

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

You may have missed