Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2025-04-06 CVE-2025-3323 SQL Injection vulnerability in Godcheese Nimrod 0.8
A vulnerability classified as critical was found in godcheese/code-projects Nimrod 0.8.
network
low complexity
godcheese CWE-89
8.8
2025-04-06 CVE-2025-1264 The Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links plugin for WordPress is vulnerable to SQL Injection via the 'orderBy' parameter in all versions up to, and including, 1.2.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
CWE-89
6.5
2025-04-06 CVE-2025-3308 SQL Injection vulnerability in Adonesevangelista Online Blood Bank Management System 1.0
A vulnerability was found in code-projects Blood Bank Management System 1.0.
network
low complexity
adonesevangelista CWE-89
critical
9.8
2025-04-06 CVE-2025-3307 SQL Injection vulnerability in Code-Projects Blood Bank Management System 1.0
A vulnerability was found in code-projects Blood Bank Management System 1.0.
network
low complexity
code-projects CWE-89
critical
9.8
2025-04-06 CVE-2025-3306 SQL Injection vulnerability in Code-Projects Blood Bank Management System 1.0
A vulnerability was found in code-projects Blood Bank Management System 1.0 and classified as critical.
network
low complexity
code-projects CWE-89
critical
9.8
2025-04-05 CVE-2025-3303 SQL Injection vulnerability in Code-Projects Patient Record Management System 1.0
A vulnerability, which was classified as critical, has been found in code-projects Patient Record Management System 1.0.
network
low complexity
code-projects CWE-89
7.5
2025-04-04 CVE-2025-3267 SQL Injection vulnerability in Qinguoyi Tinywebserver 1.0
A vulnerability, which was classified as critical, was found in qinguoyi TinyWebServer up to 1.0.
network
low complexity
qinguoyi CWE-89
8.8
2025-04-04 CVE-2025-3245 SQL Injection vulnerability in Angeljudesuarez Library Management System
A vulnerability was found in itsourcecode Library Management System 1.0.
network
low complexity
angeljudesuarez CWE-89
critical
9.8
2025-04-04 CVE-2025-2317 The Product Filter by WBW plugin for WordPress is vulnerable to time-based SQL Injection via the filtersDataBackend parameter in all versions up to, and including, 2.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
CWE-89
7.5
2025-04-04 CVE-2025-3208 SQL Injection vulnerability in Code-Projects Patient Record Management System 1.0
A vulnerability was found in code-projects Patient Record Management System 1.0.
network
low complexity
code-projects CWE-89
7.5