Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2023-05-26 CVE-2023-33439 SQL Injection vulnerability in Faculty Evaluation System Project Faculty Evaluation System 1.0
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_task.php?id=.
network
low complexity
faculty-evaluation-system-project CWE-89
7.2
2023-05-25 CVE-2023-2851 ** UNSUPPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AGT Tech Ceppatron allows Command Line Execution through SQL Injection, SQL Injection.This issue affects all versions of the sofware also EOS when CVE-ID assigned.
network
low complexity
CWE-89
critical
10.0
2023-05-24 CVE-2022-30025 SQL Injection vulnerability in Credenceanalytics Ideal - Wealth and Funds 1.0
SQL injection in "/Framewrk/Home.jsp" file (POST method) in tCredence Analytics iDEAL Wealth and Funds - 1.0 iallows authenticated remote attackers to inject payload via "v" parameter.
network
low complexity
credenceanalytics CWE-89
6.5
2023-05-24 CVE-2023-2045 SQL Injection vulnerability in Ipekyolunet Software Auto Damage Tracking Software
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ipekyolu Software Auto Damage Tracking Software allows SQL Injection.This issue affects Auto Damage Tracking Software: before 4.
network
low complexity
ipekyolunet CWE-89
critical
9.8
2023-05-24 CVE-2023-2064 SQL Injection vulnerability in Minovateknoloji Etrace
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Minova Technology eTrace allows SQL Injection.This issue affects eTrace: before 23.05.20.
network
low complexity
minovateknoloji CWE-89
critical
9.8
2023-05-24 CVE-2023-2750 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cityboss E-municipality allows SQL Injection.This issue affects E-municipality: before 6.05.
network
low complexity
CWE-89
critical
9.8
2023-05-24 CVE-2023-2865 SQL Injection vulnerability in Theme Park Ticketing System Project Theme Park Ticketing System 1.0
A vulnerability was found in SourceCodester Theme Park Ticketing System 1.0.
network
low complexity
theme-park-ticketing-system-project CWE-89
critical
9.8
2023-05-23 CVE-2023-1508 SQL Injection vulnerability in Adampos Mobilmen EL Terminali Yazilimi
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adam Retail Automation Systems Mobilmen Terminal Software allows SQL Injection.This issue affects Mobilmen Terminal Software: before 3.
network
low complexity
adampos CWE-89
critical
9.8
2023-05-23 CVE-2023-31752 SQL Injection vulnerability in Employee and Visitor Gate Pass Logging System Project Employee and Visitor Gate Pass Logging System 1.0
SourceCodester Employee and Visitor Gate Pass Logging System v1.0 is vulnerable to SQL Injection via /employee_gatepass/classes/Login.php.
9.8
2023-05-23 CVE-2023-33361 SQL Injection vulnerability in Piwigo 13.6.0
Piwigo 13.6.0 is vulnerable to SQL Injection via /admin/permalinks.php.
network
low complexity
piwigo CWE-89
critical
9.8