Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-09 | CVE-2024-25305 | SQL Injection vulnerability in Code-Projects Simple School Management System 1.0 Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username and password parameters at School/index.php. | 8.8 |
| 2024-02-09 | CVE-2024-25306 | SQL Injection vulnerability in Code-Projects Simple School Management System 1.0 Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php". | 8.8 |
| 2024-02-09 | CVE-2024-25308 | SQL Injection vulnerability in Code-Projects Simple School Management System 1.0 Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'name' parameter at School/teacher_login.php. | 8.8 |
| 2024-02-09 | CVE-2024-25309 | SQL Injection vulnerability in Code-Projects Simple School Management System 1.0 Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'pass' parameter at School/teacher_login.php. | 8.8 |
| 2024-02-09 | CVE-2024-25312 | SQL Injection vulnerability in Code-Projects Simple School Management System 1.0 Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at "School/sub_delete.php?id=5." | 8.8 |
| 2024-02-09 | CVE-2023-46350 | SQL Injection vulnerability in Innovadeluxe Manufacturer or Supplier Alphabetical Search 2.0.4 SQL injection vulnerability in InnovaDeluxe "Manufacturer or supplier alphabetical search" (idxrmanufacturer) module for PrestaShop versions 2.0.4 and before, allows remote attackers to escalate privileges and obtain sensitive information via the methods IdxrmanufacturerFunctions::getCornersLink, IdxrmanufacturerFunctions::getManufacturersLike and IdxrmanufacturerFunctions::getSuppliersLike. | 9.8 |
| 2024-02-09 | CVE-2023-50026 | SQL Injection vulnerability in Prestamonster Multi Accessories PRO 5.2.0 SQL injection vulnerability in Presta Monster "Multi Accessories Pro" (hsmultiaccessoriespro) module for PrestaShop versions 5.1.1 and before, allows remote attackers to escalate privileges and obtain sensitive information via the method HsAccessoriesGroupProductAbstract::getAccessoriesByIdProducts(). | 9.8 |
| 2024-02-09 | CVE-2024-24308 | SQL Injection vulnerability in Boostmyshop 1.1.9 SQL Injection vulnerability in Boostmyshop (boostmyshopagent) module for Prestashop versions 1.1.9 and before, allows remote attackers to escalate privileges and obtain sensitive information via changeOrderCarrier.php, relayPoint.php, and shippingConfirmation.php. | 9.8 |
| 2024-02-08 | CVE-2024-24495 | SQL Injection vulnerability in Remyandrade Daily Habit Tracker 1.0 SQL Injection vulnerability in delete-tracker.php in Daily Habit Tracker v.1.0 allows a remote attacker to execute arbitrary code via crafted GET request. | 9.8 |
| 2024-02-08 | CVE-2023-50061 | SQL Injection vulnerability in Store-Opart Op'Art Easy Redirect PrestaShop Op'art Easy Redirect >= 1.3.8 and <= 1.3.12 is vulnerable to SQL Injection via Oparteasyredirect::hookActionDispatcher(). | 9.8 |