Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-05 | CVE-2024-10841 | SQL Injection vulnerability in Romadebrian Web-Sekolah 1.0 A vulnerability classified as critical was found in romadebrian WEB-Sekolah 1.0. | 8.0 |
| 2024-11-05 | CVE-2024-10687 | SQL Injection vulnerability in Contest-Gallery Contest Gallery The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons plugin for WordPress is vulnerable to time-based SQL Injection via the $collectedIds parameter in all versions up to, and including, 24.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 9.8 |
| 2024-11-05 | CVE-2024-9459 | SQL Injection vulnerability in Zohocorp Manageengine Exchange Reporter Plus Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module. | 8.8 |
| 2024-11-05 | CVE-2024-10808 | SQL Injection vulnerability in Anisha E-Health Care System 1.0 A vulnerability has been found in code-projects E-Health Care System 1.0 and classified as critical. | 7.5 |
| 2024-11-05 | CVE-2024-10809 | SQL Injection vulnerability in Anisha E-Health Care System 1.0 A vulnerability was found in code-projects E-Health Care System 1.0 and classified as critical. | 7.5 |
| 2024-11-05 | CVE-2024-10810 | SQL Injection vulnerability in Anisha E-Health Care System 1.0 A vulnerability was found in code-projects E-Health Care System 1.0. | 7.5 |
| 2024-11-04 | CVE-2024-10805 | SQL Injection vulnerability in Anisha University Event Management System 1.0 A vulnerability was found in code-projects University Event Management System 1.0. | 8.8 |
| 2024-11-04 | CVE-2024-10791 | SQL Injection vulnerability in Codezips Hospital Appointment System 1.0 A vulnerability, which was classified as critical, has been found in Codezips Hospital Appointment System 1.0. | 9.8 |
| 2024-11-04 | CVE-2024-51326 | SQL Injection vulnerability in Projectworlds Travel Management System 1.0 SQL Injection vulnerability in projectworlds Travel management System v.1.0 allows a remote attacker to execute arbitrary code via the 't2' parameter in deletesubcategory.php. | 7.5 |
| 2024-11-04 | CVE-2024-51327 | SQL Injection vulnerability in Projectworlds Travel Management System 1.0 SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote attackers to bypass authentication via SQL Injection in the 'username' and 'password' fields. | 9.8 |