CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-36161
https://notcve.org/view.php?id=CVE-2022-36161
Orange Station 1.0 was discovered to contain a SQL injection vulnerability via the username parameter. Se ha detectado que Orange Station versión 1.0, contiene una vulnerabilidad de inyección SQL por medio del parámetro username. • https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/mayuri_k/2022/Orange-Station-1.0 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2468 – SourceCodester Garage Management System editbrand.php sql injection
https://notcve.org/view.php?id=CVE-2022-2468
A vulnerability was found in SourceCodester Garage Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /editbrand.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Garage-Management-System.md https://vuldb.com/?id.204161 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 2CVE-2022-2467 – SourceCodester Garage Management System login.php sql injection
https://notcve.org/view.php?id=CVE-2022-2467
A vulnerability has been found in SourceCodester Garage Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument username with the input 1@a.com' AND (SELECT 6427 FROM (SELECT(SLEEP(5)))LwLu) AND 'hsvT'='hsvT leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Garage-Management-System.md https://vuldb.com/?id.204160 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •