Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-12 | CVE-2023-37627 | SQL Injection vulnerability in Code-Projects Online Restaurant Management System 1.0 Code-projects Online Restaurant Management System 1.0 is vulnerable to SQL Injection. | 9.8 |
| 2023-07-12 | CVE-2023-37196 | SQL Injection vulnerability in Schneider-Electric Struxureware Data Center Expert A CWE-89: Improper Neutralization of Special Elements vulnerability used in an SQL Command ('SQL Injection') vulnerability exists that could allow a user already authenticated on DCE to access unauthorized content, change, or delete content, or perform unauthorized actions when tampering with the alert settings of endpoints on DCE. | 8.8 |
| 2023-07-11 | CVE-2023-26861 | SQL Injection vulnerability in Vivawallet Viva Wallet 1.7.10 SQL injection vulnerability found in PrestaShop vivawallet v.1.7.10 and before allows a remote attacker to gain privileges via the vivawallet() module. | 9.8 |
| 2023-07-11 | CVE-2023-3619 | SQL Injection vulnerability in Oretnom23 AC Repair and Services System 1.0 A vulnerability was found in SourceCodester AC Repair and Services System 1.0 and classified as critical. | 9.8 |
| 2023-07-11 | CVE-2023-36293 | SQL Injection vulnerability in Wmanager SQL injection vulnerability in wmanager v.1.0.7 and before allows a remote attacker to obtain sensitive information via a crafted script to the company.php component. | 7.5 |
| 2023-07-10 | CVE-2023-29095 | SQL Injection vulnerability in Carrcommunications Rsvpmaker Auth. | 7.2 |
| 2023-07-07 | CVE-2023-27845 | SQL Injection vulnerability in Kerawen Omnichannel Stocks SQL injection vulnerability found in PrestaShop lekerawen_ocs before v.1.4.1 allow a remote attacker to gain privileges via the KerawenHelper::setCartOperationInfo, and KerawenHelper::resetCheckoutSessionData components. | 9.8 |
| 2023-07-07 | CVE-2023-33664 | SQL Injection vulnerability in Ai-Dev Declinaisons a LA Volee ai-dev aicombinationsonfly before v0.3.1 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php. | 8.8 |
| 2023-07-06 | CVE-2023-30323 | SQL Injection vulnerability in Chatengine Project Chatengine 1.0 SQL Injection vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu ChatEngine v.1.0, allows attackers to gain sensitive information. | 7.5 |
| 2023-07-06 | CVE-2023-30325 | SQL Injection vulnerability in Chatengine Project Chatengine 1.0 SQL Injection vulnerability in textMessage parameter in /src/chatbotapp/chatWindow.java in wliang6 ChatEngine v.1.0, allows attackers to gain sensitive information. | 7.5 |