Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 164513 entries
IDDescriptionPriorityModified dateFixed Release
CVE-2022-32004 Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/products/manage_product.php?id=. MEDIUM Jun 2, 2022 n/a
CVE-2022-32003 Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/courts/view_court.php?id=. MEDIUM Jun 2, 2022 n/a
CVE-2022-32002 Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/courts/manage_court.php?id=. HIGH Jun 2, 2022 n/a
CVE-2022-32001 Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/products/view_product.php?id=. MEDIUM Jun 2, 2022 n/a
CVE-2022-32000 Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=service_transactions/manage_service_transaction&id=. MEDIUM Jun 2, 2022 n/a
CVE-2022-31998 Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=service_transactions/view_details&id=. MEDIUM Jun 2, 2022 n/a
CVE-2022-31996 Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/?page=sales/manage_sale&id=. MEDIUM Jun 2, 2022 n/a
CVE-2022-31994 Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=sales/view_details&id. MEDIUM Jun 2, 2022 n/a
CVE-2022-31993 Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/classes/Master.php?f=delete_service. HIGH Jun 2, 2022 n/a
CVE-2022-31992 Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=court_rentals/view_court_rental&id=. MEDIUM Jun 2, 2022 n/a
CVE-2022-31991 Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/classes/Master.php?f=delete_court. HIGH Jun 2, 2022 n/a
CVE-2022-31990 Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/classes/Master.php?f=delete_product. HIGH Jun 2, 2022 n/a
CVE-2022-31989 Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=user/manage_user&id=. HIGH Jun 2, 2022 n/a
CVE-2022-31988 Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/?page=reports/daily_services_report&date=. MEDIUM Jun 2, 2022 n/a
CVE-2022-31986 Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=reports/daily_court_rental_report&date=. MEDIUM Jun 2, 2022 n/a
CVE-2022-31985 Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=reports/daily_sales_report&date=. MEDIUM Jun 2, 2022 n/a
CVE-2022-31984 Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/requests/take_action.php?id=. MEDIUM Jun 2, 2022 n/a
CVE-2022-31983 Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/manage_request&id=. MEDIUM Jun 2, 2022 n/a
CVE-2022-31982 Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/view_request&id=. MEDIUM Jun 2, 2022 n/a
CVE-2022-31981 Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/view_team&id=. MEDIUM Jun 2, 2022 n/a
CVE-2022-31980 Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/manage_team&id=. MEDIUM Jun 2, 2022 n/a
CVE-2022-31978 Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=delete_inquiry. HIGH Jun 2, 2022 n/a
CVE-2022-31977 Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=delete_team. HIGH Jun 2, 2022 n/a
CVE-2022-31976 Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=delete_request. HIGH Jun 2, 2022 n/a
CVE-2022-31975 Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=user/manage_user&id=. MEDIUM Jun 2, 2022 n/a
CVE-2022-31974 Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=reports&date=. MEDIUM Jun 2, 2022 n/a
CVE-2022-31973 Online Fire Reporting System v1.0 is vulnerable to Delete any file via /ofrs/classes/Master.php?f=delete_img. MEDIUM Jun 2, 2022 n/a
CVE-2022-31971 ChatBot App with Suggestion v1.0 is vulnerable to SQL Injection via /simple_chat_bot/admin/?page=responses/view_response&id=. MEDIUM Jun 2, 2022 n/a
CVE-2022-31970 ChatBot App with Suggestion v1.0 is vulnerable to SQL Injection via /simple_chat_bot/admin/?page=responses/manage_response&id=. MEDIUM Jun 2, 2022 n/a
CVE-2022-31969 ChatBot App with Suggestion v1.0 is vulnerable to SQL Injection via /simple_chat_bot/admin/?page=user/manage_user&id=. HIGH Jun 2, 2022 n/a
CVE-2022-31966 ChatBot App with Suggestion v1.0 is vulnerable to Delete any file via /simple_chat_bot/classes/Master.php?f=delete_img. MEDIUM Jun 2, 2022 n/a
CVE-2022-31965 Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/respondent_types/manage_respondent_type.php?id=. HIGH Jun 2, 2022 n/a
CVE-2022-31964 Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via rdms/admin/respondent_types/view_respondent_type.php?id=. HIGH Jun 2, 2022 n/a
CVE-2022-31962 Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidents/view_incident.php?id=. HIGH Jun 2, 2022 n/a
CVE-2022-31961 Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidents/manage_incident.php?id=. HIGH Jun 2, 2022 n/a
CVE-2022-31959 Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/teams/manage_team.php?id=. HIGH Jun 2, 2022 n/a
CVE-2022-31957 Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via rdms/admin/teams/view_team.php?id=. HIGH Jun 2, 2022 n/a
CVE-2022-31956 Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incident_reports/manage_report.php?id=. HIGH Jun 2, 2022 n/a
CVE-2022-31953 Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incident_reports/view_report.php?id=. HIGH Jun 2, 2022 n/a
CVE-2022-31952 Rescue Dispatch Management System v1.0 is vulnerable to SQL injection via /rdms/classes/Master.php?f=delete_incident. HIGH Jun 2, 2022 n/a
CVE-2022-31951 Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=delete_respondent_type. HIGH Jun 2, 2022 n/a
CVE-2022-31948 Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=delete_report. HIGH Jun 2, 2022 n/a
CVE-2022-31946 Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=delete_team. HIGH Jun 2, 2022 n/a
CVE-2022-31945 Rescue Dispatch Management System v1.0 is vulnerable to Delete any file via /rdms/classes/Master.php?f=delete_img. MEDIUM Jun 2, 2022 n/a
CVE-2022-31943 MCMS v5.2.8 was discovered to contain an arbitrary file upload vulnerability. HIGH Jul 1, 2022 n/a
CVE-2022-31941 Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via \\rdms\\admin?page=user\\manage_user&id=. HIGH Jun 18, 2022 n/a
CVE-2022-31937 Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a stack overflow via strcpy in uhttpd. -- Sep 24, 2022 n/a
CVE-2022-31914 Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via zms/admin/public_html/save_animal?an_id=24. LOW Jun 16, 2022 n/a
CVE-2022-31913 Online Discussion Forum Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /odfs/classes/Master.php?f=save_category, name. LOW Jun 16, 2022 n/a
CVE-2022-31912 Online Tutor Portal Site v1.0 is vulnerable to SQL Injection via /otps/classes/Master.php?f=delete_team. MEDIUM Jun 16, 2022 n/a
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online