Vulnerabilities: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2023-10-31 | CVE-2023-25045 | SQL Injection vulnerability in Carrcommunications Rsvpmaker | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. | 7.2 |
2023-10-31 | CVE-2023-5429 | SQL Injection vulnerability in Gopiplus Information Reel | The Information Reel plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 6.5 |
2023-10-31 | CVE-2023-45996 | SQL Injection vulnerability in Slims products | SQL injection vulnerability in Senayan Library Management Systems Slims v.9 and Bulian v.9.6.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted script to the reborrowLimit parameter in the member_type.php. | 8.8 |
2023-10-31 | CVE-2023-36263 | SQL Injection vulnerability in Prestashop Opartlimitquantity 1.4.5 | Prestashop opartlimitquantity 1.4.5 and before is vulnerable to SQL Injection. | 9.8 |
2023-10-31 | CVE-2023-27846 | SQL Injection vulnerability in Themevolty Theme Volty CMS Blog 4.0.1/4.0.8 | SQL injection vulnerability found in PrestaShop themevolty v.4.0.8 and before allows a remote attacker to gain privileges via the tvcmsblog, tvcmsvideotab, tvcmswishlist, tvcmsbrandlist, tvcmscategorychainslider, tvcmscategoryproduct, tvcmscategoryslider, tvcmspaymenticon, tvcmstestimonial components. | 9.8 |
2023-10-31 | CVE-2023-45378 | SQL Injection vulnerability in Hdclic Prestablog 4.4.7 | In the module "PrestaBlog" (prestablog) version 4.4.7 and before from HDclic for PrestaShop, a guest can perform SQL injection. | 9.8 |
2023-10-31 | CVE-2023-46356 | SQL Injection vulnerability in Blmodules CSV Feeds PRO 2.5.2 | In the module "CSV Feeds PRO" (csvfeeds) before 2.6.1 from Bl Modules for PrestaShop, a guest can perform SQL injection. | 9.8 |
2023-10-30 | CVE-2023-5252 | SQL Injection vulnerability in Fareharbor | The FareHarbor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.6.7 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2023-10-30 | CVE-2023-5315 | SQL Injection vulnerability in Matthewschwartz Google Maps Made Simple 0.6 | The Google Maps made Simple plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 0.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 8.8 |
2023-10-27 | CVE-2023-46490 | SQL Injection vulnerability in Cacti 1.2.25 | SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the form_actions() function in the managers.php function. | 6.5 |