Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-19 | CVE-2022-23046 | SQL Injection vulnerability in PHPipam 1.4.4 PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL sentences in the "subnet" parameter while searching a subnet via app/admin/routing/edit-bgp-mapping-search.php | 6.5 |
| 2022-01-19 | CVE-2021-46204 | SQL Injection vulnerability in Taogogo Taocms 3.0.2 Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. | 7.5 |
| 2022-01-17 | CVE-2022-0258 | SQL Injection vulnerability in Pimcore pimcore is vulnerable to Improper Neutralization of Special Elements used in an SQL Command | 6.5 |
| 2022-01-17 | CVE-2021-25037 | SQL Injection vulnerability in Aioseo ALL in ONE SEO The All in One SEO WordPress plugin before 4.1.5.3 is affected by an authenticated SQL injection issue, which was discovered during an internal audit by the Jetpack Scan team, and could grant attackers access to privileged information from the affected site’s database (e.g., usernames and hashed passwords). | 4.0 |
| 2022-01-14 | CVE-2021-45406 | SQL Injection vulnerability in Salonerp Project Salonerp 3.0.1 In SalonERP 3.0.1, a SQL injection vulnerability allows an attacker to inject payload using 'sql' parameter in SQL query while generating a report. | 6.5 |
| 2022-01-14 | CVE-2022-0224 | SQL Injection vulnerability in Dolibarr dolibarr is vulnerable to Improper Neutralization of Special Elements used in an SQL Command | 7.5 |
| 2022-01-14 | CVE-2022-22055 | SQL Injection vulnerability in Le-Yan Dental Management System Project Le-Yan Dental Management System 2.8.5 The Le-yan dental management system contains an SQL-injection vulnerability. | 10.0 |
| 2022-01-11 | CVE-2021-43971 | SQL Injection vulnerability in Sysaid 20.4.74 A SQL injection vulnerability in /mobile/SelectUsers.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to execute arbitrary SQL commands via the filterText parameter. | 6.5 |
| 2022-01-11 | CVE-2020-28102 | SQL Injection vulnerability in Chshcms Cscms 4.1 cscms v4.1 allows for SQL injection via the "js_del" function. | 7.5 |
| 2022-01-11 | CVE-2020-28103 | SQL Injection vulnerability in Chshcms Cscms 4.1 cscms v4.1 allows for SQL injection via the "page_del" function. | 7.5 |