Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2023-12-30 CVE-2023-41543 SQL Injection vulnerability in Jeecg Boot
SQL injection vulnerability in jeecg-boot v3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the component /sys/replicate/check.
network
low complexity
jeecg CWE-89
critical
9.8
2023-12-29 CVE-2023-50070 SQL Injection vulnerability in Oretnom23 Customer Support System 1.0
Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_support/ajax.php?action=save_ticket via department_id, customer_id, and subject.
network
low complexity
oretnom23 CWE-89
8.8
2023-12-29 CVE-2023-50071 SQL Injection vulnerability in Customer Support System Project Customer Support System 1.0
Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_support/ajax.php?action=save_department via id or name.
network
low complexity
customer-support-system-project CWE-89
8.8
2023-12-29 CVE-2023-50035 SQL Injection vulnerability in Small CRM Project Small CRM 3.0
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection on the Users login panel because the "password" parameter is used directly in the SQL query without any sanitization, allowing the SQL Injection payload to be executed.
network
low complexity
small-crm-project CWE-89
critical
9.8
2023-12-29 CVE-2023-44088 SQL Injection vulnerability in Pandorafms Pandora FMS
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows SQL Injection. Arbitrary SQL queries were allowed to be executed using any account with low privileges. This issue affects Pandora FMS: from 700 through 774.
network
low complexity
pandorafms CWE-89
8.8
2023-12-29 CVE-2023-23634 SQL Injection vulnerability in Documize 5.4.2
SQL Injection vulnerability in Documize version 5.4.2, allows remote attackers to execute arbitrary code via the user parameter of the /api/dashboard/activity endpoint.
network
low complexity
documize CWE-89
critical
9.8
2023-12-29 CVE-2023-7144 SQL Injection vulnerability in Masterlab
A vulnerability classified as critical has been found in gopeak MasterLab up to 3.3.10.
network
low complexity
masterlab CWE-89
critical
9.8
2023-12-28 CVE-2023-50846 SQL Injection vulnerability in Metagauss Registrationmagic
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RegistrationMagic RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login. This issue affects RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login: from n/a through 5.2.4.5.
network
low complexity
metagauss CWE-89
7.2
2023-12-28 CVE-2023-7131 SQL Injection vulnerability in Carmelogarcia Intern Membership Management System 2.0
A vulnerability was found in code-projects Intern Membership Management System 2.0 and classified as critical.
network
low complexity
carmelogarcia CWE-89
critical
9.8
2023-12-28 CVE-2023-50857 SQL Injection vulnerability in Funnelkit Automations
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit. This issue affects Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit: from n/a through 2.6.1.
network
low complexity
funnelkit CWE-89
7.2