Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-01 | CVE-2023-48893 | SQL Injection vulnerability in Slims Senayan Library Management System Bulian 9.6.1 SLiMS (aka SENAYAN Library Management System) through 9.6.1 allows admin/modules/reporting/customs/staff_act.php SQL Injection via startDate or untilDate. | 8.8 |
| 2023-12-01 | CVE-2023-49371 | SQL Injection vulnerability in Ruoyi RuoYi up to v4.6 was discovered to contain a SQL injection vulnerability via /system/dept/edit. | 9.8 |
| 2023-12-01 | CVE-2023-48016 | SQL Injection vulnerability in PHPgurukul Restaurant Table Booking System 1.0 Restaurant Table Booking System V1.0 is vulnerable to SQL Injection in rtbs/admin/index.php via the username parameter. | 7.5 |
| 2023-11-30 | CVE-2023-46956 | SQL Injection vulnerability in Oretnom23 Packers and Movers Management System 1.0 SQL injection vulnerability in Packers and Movers Management System v.1.0 allows a remote attacker to execute arbitrary code via crafted payload to the /mpms/admin/?page=user/manage_user&id file. | 7.2 |
| 2023-11-30 | CVE-2023-6360 | SQL Injection vulnerability in Joedolson MY Calendar The 'My Calendar' WordPress Plugin, version < 3.4.22 is affected by an unauthenticated SQL injection vulnerability in the 'from' and 'to' parameters in the '/my-calendar/v1/events' rest route. | 9.8 |
| 2023-11-30 | CVE-2023-6402 | SQL Injection vulnerability in PHPgurukul Nipah Virus Testing Management System 1.0 A vulnerability, which was classified as critical, was found in PHPGurukul Nipah Virus Testing Management System 1.0. | 8.8 |
| 2023-11-30 | CVE-2023-6413 | SQL Injection vulnerability in Aatifaneeq Voovi 1.0 A vulnerability has been reported in Voovi Social Networking Script that affects version 1.0 and consists of a SQL injection via photos.php in the id and user parameters. | 7.5 |
| 2023-11-30 | CVE-2023-6417 | SQL Injection vulnerability in Aatifaneeq Voovi 1.0 A vulnerability has been reported in Voovi Social Networking Script that affects version 1.0 and consists of a SQL injection via update.php in the id parameter. | 7.5 |
| 2023-11-27 | CVE-2023-46349 | SQL Injection vulnerability in Myprestamodules Updateproducts 3.7.6 In the module "Product Catalog (CSV, Excel) Export/Update" (updateproducts) < 3.8.5 from MyPrestaModules for PrestaShop, a guest can perform SQL injection. | 9.8 |
| 2023-11-27 | CVE-2023-48188 | SQL Injection vulnerability in Store-Opart Op'Art Devis SQL injection vulnerability in PrestaShop opartdevis v.4.5.18 thru v.4.6.12 allows a remote attacker to execute arbitrary code via a crafted script to the getModuleTranslation function. | 9.8 |