Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-21 | CVE-2023-51048 | SQL Injection vulnerability in S-Cms 5.0 S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_newsauth parameter at /admin/ajax.php. | 9.8 |
| 2023-12-21 | CVE-2023-51049 | SQL Injection vulnerability in S-Cms 5.0 S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_bbsauth parameter at /admin/ajax.php. | 9.8 |
| 2023-12-21 | CVE-2023-51050 | SQL Injection vulnerability in S-Cms 5.0 S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_productauth parameter at /admin/ajax.php. | 9.8 |
| 2023-12-21 | CVE-2023-51051 | SQL Injection vulnerability in S-Cms 5.0 S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_textauth parameter at /admin/ajax.php. | 9.8 |
| 2023-12-21 | CVE-2023-51052 | SQL Injection vulnerability in S-Cms 5.0 S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_formauth parameter at /admin/ajax.php. | 9.8 |
| 2023-12-20 | CVE-2023-47990 | SQL Injection vulnerability in Cuppacms 1.0 SQL Injection vulnerability in components/table_manager/html/edit_admin_table.php in CuppaCMS V1.0 allows attackers to run arbitrary SQL commands via the table parameter. | 9.8 |
| 2023-12-20 | CVE-2023-28788 | SQL Injection vulnerability in Pagevisitcounter Advanced Page Visit Counter Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a through 6.4.2. | 8.8 |
| 2023-12-20 | CVE-2023-32590 | SQL Injection vulnerability in Subscribe to Category Project Subscribe to Category Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category.This issue affects Subscribe to Category: from n/a through 2.7.4. | 7.5 |
| 2023-12-17 | CVE-2023-6898 | SQL Injection vulnerability in Mayurik Best Courier Management System 1.0 A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. | 9.8 |
| 2023-12-15 | CVE-2023-30867 | SQL Injection vulnerability in Apache Streampark 2.0.0/2.1.0/2.1.1 In the Streampark platform, when users log in to the system and use certain features, some pages provide a name-based fuzzy search, such as job names, role names, etc. | 4.9 |