Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-26 | CVE-2023-5783 | SQL Injection vulnerability in Tongda2000 Tongda Office Anywhere A vulnerability has been found in Tongda OA 2017 up to 11.9 and classified as critical. | 7.5 |
| 2023-10-26 | CVE-2023-5780 | SQL Injection vulnerability in Tongda2000 Tongda Office Anywhere A vulnerability classified as critical was found in Tongda OA 2017 11.10. | 9.8 |
| 2023-10-26 | CVE-2023-5781 | SQL Injection vulnerability in Tongda2000 Tongda Office Anywhere A vulnerability, which was classified as critical, has been found in Tongda OA 2017 11.10. | 9.8 |
| 2023-10-25 | CVE-2023-46584 | SQL Injection vulnerability in PHPgurukul Nipah Virus Testing Management System 1.0 SQL Injection vulnerability in PHPGurukul Nipah virus (NiV) " Testing Management System v.1.0 allows a remote attacker to escalate privileges via a crafted request to the new-user-testing.php endpoint. | 9.8 |
| 2023-10-25 | CVE-2023-26568 | SQL Injection vulnerability in Idattend Idweb 3.1.013/3.1.052 Unauthenticated SQL injection in the GetStudentGroupStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers. | 9.1 |
| 2023-10-25 | CVE-2023-26569 | SQL Injection vulnerability in Idattend Idweb 3.1.013/3.1.052 Unauthenticated SQL injection in the StudentPopupDetails_Timetable method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers. | 9.1 |
| 2023-10-25 | CVE-2023-26572 | SQL Injection vulnerability in Idattend Idweb 3.1.013/3.1.052 Unauthenticated SQL injection in the GetExcursionList method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers. | 9.1 |
| 2023-10-25 | CVE-2023-26581 | SQL Injection vulnerability in Idattend Idweb 3.1.013/3.1.052 Unauthenticated SQL injection in the GetVisitors method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers. | 9.1 |
| 2023-10-25 | CVE-2023-26582 | SQL Injection vulnerability in Idattend Idweb 3.1.013/3.1.052 Unauthenticated SQL injection in the GetExcursionDetails method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers. | 9.1 |
| 2023-10-25 | CVE-2023-26583 | SQL Injection vulnerability in Idattend Idweb 3.1.013/3.1.052 Unauthenticated SQL injection in the GetCurrentPeriod method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers. | 9.1 |