VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-05-15
CVE-2025-4710
SQL Injection vulnerability in Campcodes Sales and Inventory System 1.0
A vulnerability, which was classified as critical, has been found in Campcodes Sales and Inventory System 1.0.
network
low complexity
campcodes
CWE-89
critical
9.8
9.8
2025-05-15
CVE-2025-4711
SQL Injection vulnerability in Campcodes Sales and Inventory System 1.0
A vulnerability, which was classified as critical, was found in Campcodes Sales and Inventory System 1.0.
network
low complexity
campcodes
CWE-89
critical
9.8
9.8
2025-05-15
CVE-2025-4705
SQL Injection vulnerability in PHPgurukul Vehicle Parking Management System 1.13
A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13.
network
low complexity
phpgurukul
CWE-89
critical
9.8
9.8
2025-05-15
CVE-2025-4695
SQL Injection vulnerability in PHPgurukul Cyber Cafe Management System 1.0
A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0.
network
low complexity
phpgurukul
CWE-89
8.8
8.8
2025-05-15
CVE-2025-4696
SQL Injection vulnerability in PHPgurukul Cyber Cafe Management System 1.0
A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0.
network
low complexity
phpgurukul
CWE-89
8.8
8.8
2025-05-15
CVE-2025-4697
SQL Injection vulnerability in PHPgurukul Directory Management System 2.0
A vulnerability was found in PHPGurukul Directory Management System 2.0.
network
low complexity
phpgurukul
CWE-89
critical
9.8
9.8
2025-05-13
CVE-2024-51444
A vulnerability has been identified in Polarion V2310 (All versions), Polarion V2404 (All versions < V2404.4).
network
low complexity
CWE-89
6.5
6.5
2025-05-13
CVE-2025-26390
A vulnerability has been identified in OZW672 (All versions < V6.0), OZW772 (All versions < V6.0).
network
low complexity
CWE-89
critical
9.8
9.8
2025-05-13
CVE-2025-3107
The Newsletters plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby' parameter in all versions up to, and including, 4.9.9.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
CWE-89
6.5
6.5
2025-05-13
CVE-2025-4396
The Relevanssi – A Better Search plugin for WordPress is vulnerable to time-based SQL Injection via the cats and tags query parameters in all versions up to, and including, 4.24.4 (Free) and <= 2.27.4 (Premium) due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
CWE-89
7.5
7.5
«
Previous
1
2
...
9
10
11
(current)
12
13
...
688
689
»
Next