Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-15 | CVE-2024-8868 | SQL Injection vulnerability in Code-Projects Crud Operation System 1.0 A vulnerability was found in code-projects Crud Operation System 1.0. | 9.8 |
2024-09-14 | CVE-2024-8669 | The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to SQL Injection via the 'options' parameter passed to the backuply_wp_clone_sql() function in all versions up to, and including, 1.3.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 9.1 |
2024-09-13 | CVE-2024-44430 | SQL Injection vulnerability in Mayurik Best Free LAW Office Management 1.0 SQL Injection vulnerability in Best Free Law Office Management Software-v1.0 allows an attacker to execute arbitrary code and obtain sensitive information via a crafted payload to the kortex_lite/control/register_case.php interface | 9.8 |
2024-09-13 | CVE-2024-8784 | SQL Injection vulnerability in Qdocs Smart School 7.0.0 A vulnerability classified as critical was found in QDocs Smart School Management System 7.0.0. | 8.8 |
2024-09-13 | CVE-2024-8762 | SQL Injection vulnerability in Code-Projects Crud Operation System 1.0 A vulnerability was found in code-projects Crud Operation System 1.0. | 9.8 |
2024-09-12 | CVE-2024-34334 | SQL Injection vulnerability in Ordat Ordat.Erp ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the forgot password function. | 7.5 |
2024-09-12 | CVE-2024-8749 | SQL Injection vulnerability in I-Doit 28 SQL injection vulnerability in idoit pro version 28. | 7.5 |
2024-09-12 | CVE-2024-8522 | SQL Injection vulnerability in Thimpress Learnpress The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the 'c_only_fields' parameter of the /wp-json/learnpress/v1/courses REST API endpoint in all versions up to, and including, 4.2.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |
2024-09-12 | CVE-2024-8529 | SQL Injection vulnerability in Thimpress Learnpress The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the 'c_fields' parameter of the /wp-json/lp/v1/courses/archive-course REST API endpoint in all versions up to, and including, 4.2.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |
2024-09-12 | CVE-2024-8709 | SQL Injection vulnerability in Mayurik Best House Rental Management System 1.0 A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. | 8.8 |