Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2023-10-19 | CVE-2023-45826 | SQL Injection vulnerability in Leantime | Leantime is an open source project management system. | 6.5 |
2023-10-19 | CVE-2023-45379 | SQL Injection vulnerability in Posthemes Posrotatorimg 1.1 | In the module "Rotator Img" (posrotatorimg) in versions at least up to 1.1 from PosThemes for PrestaShop, a guest can perform SQL injection. | 9.8 |
2023-10-19 | CVE-2023-5204 | SQL Injection vulnerability in Quantumcloud AI Chatbot | The ChatBot plugin for WordPress is vulnerable to SQL Injection via the $strid parameter in versions up to, and including, 4.8.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |
2023-10-19 | CVE-2023-5336 | SQL Injection vulnerability in Ipanorama 360 Wordpress Virtual Tour Builder Project Ipanorama 360 Wordpress Virtual Tour Builder | The iPanorama 360 – WordPress Virtual Tour Builder plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 1.8.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 6.5 |
2023-10-18 | CVE-2023-46005 | SQL Injection vulnerability in Mayurik Best Courier Management System 1.0 | Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_branch.php. | 9.8 |
2023-10-18 | CVE-2023-46006 | SQL Injection vulnerability in Mayurik Best Courier Management System 1.0 | Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_user.php. | 9.8 |
2023-10-18 | CVE-2023-46007 | SQL Injection vulnerability in Mayurik Best Courier Management System 1.0 | Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_staff.php. | 9.8 |
2023-10-17 | CVE-2023-43794 | SQL Injection vulnerability in Xgenecloud Nocodb 0.109.2 | Nocodb is an open source Airtable alternative. | 4.9 |
2023-10-17 | CVE-2023-45951 | SQL Injection vulnerability in Lylme Spage 1.7.0 | lylme_spage v1.7.0 was discovered to contain a SQL injection vulnerability via the $userip parameter at function.php. | 9.8 |
2023-10-17 | CVE-2023-44693 | SQL Injection vulnerability in Dlink Dar-7000 Firmware V31R02B1413C | D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /importexport.php. | 9.8 |