Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-15 | CVE-2023-47445 | SQL Injection vulnerability in PHPgurukul Pre-School Enrollment System 1.0 Pre-School Enrollment version 1.0 is vulnerable to SQL Injection via the username parameter in preschool/admin/ page. | 9.8 |
| 2023-11-15 | CVE-2023-43979 | SQL Injection vulnerability in Prestahero YBC Blog ETS Soft ybc_blog before v4.4.0 was discovered to contain a SQL injection vulnerability via the component Ybc_blogBlogModuleFrontController::getPosts(). | 9.8 |
| 2023-11-15 | CVE-2023-47308 | SQL Injection vulnerability in Activedesign Newsletterpop In the module "Newsletter Popup PRO with Voucher/Coupon code" (newsletterpop) before version 2.6.1 from Active Design for PrestaShop, a guest can perform SQL injection in affected versions. | 9.8 |
| 2023-11-14 | CVE-2023-46022 | SQL Injection vulnerability in Code-Projects Blood Bank 1.0 SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter. | 7.8 |
| 2023-11-14 | CVE-2023-46023 | SQL Injection vulnerability in Code-Projects Simple Task List 1.0 SQL injection vulnerability in addTask.php in Code-Projects Simple Task List 1.0 allows attackers to obtain sensitive information via the 'status' parameter. | 6.5 |
| 2023-11-14 | CVE-2023-46024 | SQL Injection vulnerability in PHPgurukul Teacher Subject Allocation Management System 1.0 SQL Injection vulnerability in index.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary SQL commands and obtain sensitive information via the 'searchdata' parameter. | 7.5 |
| 2023-11-14 | CVE-2023-46025 | SQL Injection vulnerability in PHPgurukul Teacher Subject Allocation Management System 1.0 SQL Injection vulnerability in teacher-info.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to obtain sensitive information via the 'editid' parameter. | 4.9 |
| 2023-11-14 | CVE-2023-46581 | SQL Injection vulnerability in Code-Projects Inventory Management 1.0 SQL injection vulnerability in Inventory Management v.1.0 allows a local attacker to execute arbitrary code via the name, uname and email parameters in the registration.php component. | 5.5 |
| 2023-11-14 | CVE-2023-46582 | SQL Injection vulnerability in Code-Projects Inventory Management 1.0 SQL injection vulnerability in Inventory Management v.1.0 allows a local attacker to execute arbitrary SQL commands via the id paramter in the deleteProduct.php component. | 7.8 |
| 2023-11-14 | CVE-2023-45684 | SQL Injection vulnerability in Northern.Tech Cfengine Northern.tech CFEngine Enterprise before 3.21.3 allows SQL Injection. | 7.5 |