Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-22 | CVE-2023-37434 | SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. | 8.1 |
| 2023-08-22 | CVE-2023-37435 | SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. | 6.5 |
| 2023-08-22 | CVE-2023-37436 | SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. | 6.5 |
| 2023-08-22 | CVE-2023-37437 | SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. | 6.5 |
| 2023-08-22 | CVE-2023-37438 | SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. | 6.5 |
| 2023-08-21 | CVE-2023-38899 | SQL Injection vulnerability in Berkaygediz O Blog 1.0 SQL injection vulnerability in berkaygediz O_Blog v.1.0 allows a local attacker to escalate privileges via the secure_file_priv component. | 7.8 |
| 2023-08-21 | CVE-2023-39939 | SQL Injection vulnerability in Luxsoft Luxcal web Calendar SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.3M (MySQL version) and LuxCal Web Calendar prior to 5.2.3L (SQLite version) allows a remote unauthenticated attacker to execute arbitrary queries against the database and obtain or alter the information in it. | 9.1 |
| 2023-08-21 | CVE-2023-39807 | SQL Injection vulnerability in Nvki Intelligent Broadband Subscriber Gateway 3.5 N.V.K.INTER CO., LTD. | 9.8 |
| 2023-08-21 | CVE-2023-4444 | SQL Injection vulnerability in Free Hospital Management System for Small Practices Project Free Hospital Management System for Small Practices 1.0 A vulnerability classified as critical was found in SourceCodester Free Hospital Management System for Small Practices 1.0. | 9.8 |
| 2023-08-18 | CVE-2023-38839 | SQL Injection vulnerability in Kidus Minimati 1.0.0 SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote attacker to obtain sensitive information via theID parameter in the fulldelete.php component. | 7.5 |