Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2024-11-13 CVE-2024-50971 SQL Injection vulnerability in Angeljudesuarez Construction Management System 1.0
A SQL injection vulnerability in print.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the map_id parameter.
network
low complexity
angeljudesuarez CWE-89
7.2
7.2
2024-11-13 CVE-2024-50972 SQL Injection vulnerability in Angeljudesuarez Construction Management System 1.0
A SQL injection vulnerability in printtool.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the borrow_id parameter.
network
low complexity
angeljudesuarez CWE-89
7.2
7.2
2024-11-12 CVE-2024-50323 SQL Injection vulnerability in Ivanti Endpoint Manager
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution.
local
low complexity
ivanti CWE-89
7.8
7.8
2024-11-12 CVE-2024-50326 SQL Injection vulnerability in Ivanti Endpoint Manager
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
network
low complexity
ivanti CWE-89
7.2
7.2
2024-11-12 CVE-2024-50327 SQL Injection vulnerability in Ivanti Endpoint Manager
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
network
low complexity
ivanti CWE-89
7.2
7.2
2024-11-12 CVE-2024-50328 SQL Injection vulnerability in Ivanti Endpoint Manager
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
network
low complexity
ivanti CWE-89
7.2
7.2
2024-11-12 CVE-2024-11127 SQL Injection vulnerability in Anisha JOB Recruitment 1.0
A vulnerability was found in code-projects Job Recruitment up to 1.0.
network
low complexity
anisha CWE-89
8.8
8.8
2024-11-12 CVE-2024-11124 SQL Injection vulnerability in Timgeyssens Ui-O-Matic
A vulnerability has been found in TimGeyssens UIOMatic 5 and classified as critical.
network
low complexity
timgeyssens CWE-89
7.2
7.2
2024-11-12 CVE-2024-11100 SQL Injection vulnerability in 1000Projects Beauty Parlour Management System 1.0
A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0.
network
low complexity
1000projects CWE-89
critical
 9.8
9.8
2024-11-12 CVE-2024-11101 SQL Injection vulnerability in 1000Projects Beauty Parlour Management System 1.0
A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0.
network
low complexity
1000projects CWE-89
critical
 9.8
9.8