Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-25 | CVE-2023-26584 | SQL Injection vulnerability in Idattend Idweb 3.1.013/3.1.052 Unauthenticated SQL injection in the GetStudentInconsistencies method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers. | 9.1 |
| 2023-10-25 | CVE-2023-27254 | SQL Injection vulnerability in Idattend Idweb 3.1.013/3.1.052 Unauthenticated SQL injection in the GetRoomChanges method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers. | 9.1 |
| 2023-10-25 | CVE-2023-27255 | SQL Injection vulnerability in Idattend Idweb 3.1.013/3.1.052 Unauthenticated SQL injection in the DeleteRoomChanges method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers. | 9.1 |
| 2023-10-25 | CVE-2023-27260 | SQL Injection vulnerability in Idattend Idweb 3.1.013/3.1.052 Unauthenticated SQL injection in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers. | 9.1 |
| 2023-10-25 | CVE-2023-27262 | SQL Injection vulnerability in Idattend Idweb 3.1.013/3.1.052 Unauthenticated SQL injection in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers. | 9.1 |
| 2023-10-25 | CVE-2023-43507 | SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. | 8.8 |
| 2023-10-25 | CVE-2023-46347 | SQL Injection vulnerability in Ndkdesign NDK Steppingpack 1.5.6 In the module "Step by Step products Pack" (ndk_steppingpack) version 1.5.6 and before from NDK Design for PrestaShop, a guest can perform SQL injection. | 9.8 |
| 2023-10-25 | CVE-2023-46358 | SQL Injection vulnerability in Snegurka Referralbyphone 3.5.1 In the module "Referral and Affiliation Program" (referralbyphone) version 3.5.1 and before from Snegurka for PrestaShop, a guest can perform SQL injection. | 9.8 |
| 2023-10-23 | CVE-2023-5700 | SQL Injection vulnerability in Netentsec Application Security Gateway 6.3 A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. | 9.8 |
| 2023-10-22 | CVE-2023-5693 | SQL Injection vulnerability in Martmbithi Internet Banking System 1.0 A vulnerability was found in CodeAstro Internet Banking System 1.0 and classified as critical. | 9.8 |