Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-23 | CVE-2021-26686 | SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. | 5.5 |
| 2021-02-19 | CVE-2020-24617 | SQL Injection vulnerability in Mailtrain Mailtrain through 1.24.1 allows SQL Injection in statsClickedSubscribersByColumn in lib/models/campaigns.js via /campaigns/clicked/ajax because variable column names are not properly escaped. | 6.0 |
| 2021-02-18 | CVE-2021-27124 | SQL Injection vulnerability in Doctor Appointment System Project Doctor Appointment System 1.0 SQL injection in the expertise parameter in search_result.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack. | 4.0 |
| 2021-02-17 | CVE-2021-25779 | SQL Injection vulnerability in Baby Care System Project Baby Care System 1.0 Baby Care System v1.0 is vulnerable to SQL injection via the 'id' parameter on the contentsectionpage.php page. | 7.5 |
| 2021-02-17 | CVE-2020-36003 | SQL Injection vulnerability in Online Book Store Project Online Book Store 1.0 The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases. | 5.0 |
| 2021-02-17 | CVE-2020-36002 | SQL Injection vulnerability in Seat-Reservation-System Project Seat-Reservation-System 1.0 Seat-Reservation-System 1.0 has a SQL injection vulnerability in index.php in the id and file parameters where attackers can obtain sensitive database information. | 5.0 |
| 2021-02-17 | CVE-2021-22854 | SQL Injection vulnerability in HR Portal Project HR Portal 7.3.2020.1013 The HR Portal of Soar Cloud System fails to filter specific parameters. | 5.0 |
| 2021-02-17 | CVE-2021-22856 | SQL Injection vulnerability in Changjia Property Management System Project Changjia Property Management System 1.00 The CGE property management system contains SQL Injection vulnerabilities. | 5.0 |
| 2021-02-16 | CVE-2021-27101 | SQL Injection vulnerability in Accellion FTA 912370 Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. | 7.5 |
| 2021-02-16 | CVE-2020-24841 | SQL Injection vulnerability in SDG Pnpscada 2.200816204020 PNPSCADA 2.200816204020 allows SQL injection via parameter 'interf' in /browse.jsp. | 7.5 |