Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2023-07-06 | CVE-2023-36189 | SQL Injection vulnerability in Langchain 0.0.64 | SQL injection vulnerability in langchain before v0.0.247 allows a remote attacker to obtain sensitive information via the SQLDatabaseChain component. | network | low complexity | langchain | CWE-89 | 7.5 |
| 2023-07-06 | CVE-2023-36968 | SQL Injection vulnerability in Food Ordering System Project Food Ordering System 1.0 | A SQL Injection vulnerability detected in Food Ordering System v1.0 allows attackers to run commands on the database by sending crafted SQL queries to the ID parameter. | network | low complexity | food-ordering-system-project | CWE-89 | 7.2 |
| 2023-07-05 | CVE-2023-36932 | SQL Injection vulnerability in Progress Moveit Transfer | In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), multiple SQL injection vulnerabilities have been identified in the MOVEit Transfer web application that could allow an authenticated attacker to gain unauthorized access to the MOVEit Transfer database. | network | low complexity | progress | CWE-89 | 8.1 |
| 2023-07-05 | CVE-2023-36934 | SQL Injection vulnerability in Progress Moveit Transfer | In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database. | network | low complexity | progress | CWE-89 | critical 9.1 |
| 2023-06-30 | CVE-2023-3478 | SQL Injection vulnerability in Ibos 4.5.5 | A vulnerability classified as critical was found in IBOS OA 4.5.5. | network | low complexity | ibos | CWE-89 | 7.2 |
| 2023-06-29 | CVE-2023-34487 | SQL Injection vulnerability in Online Hotel Management System Project Online Hotel Management System 1.0.0 | itsourcecode Online Hotel Management System Project In PHP v1.0.0 is vulnerable to SQL Injection. | network | low complexity | online-hotel-management-system-project | CWE-89 | critical 9.8 |
| 2023-06-29 | CVE-2023-34735 | SQL Injection vulnerability in Property Cloud Platform Management Center Project Property Cloud Platform Management Center 1.0 | Property Cloud Platform Management Center 1.0 is vulnerable to error-based SQL injection. | | | | | 9.8 |
| 2023-06-28 | CVE-2023-33592 | SQL Injection vulnerability in Oretnom23 Lost and Found Information System 1.0 | Lost and Found Information System v1.0 was discovered to contain a SQL injection vulnerability via the component /php-lfis/admin/?page=system_info/contact_information. | network | low complexity | oretnom23 | CWE-89 | critical 9.8 |
| 2023-06-27 | CVE-2023-2482 | SQL Injection vulnerability in Wpwox Responsive CSS Editor 1.0 | The Responsive CSS EDITOR WordPress plugin through 1.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high-privilege users such as admin. | network | low complexity | wpwox | CWE-89 | 7.2 |
| 2023-06-27 | CVE-2023-2592 | SQL Injection vulnerability in Ncrafts Formcraft | The FormCraft WordPress plugin before 3.9.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. | network | low complexity | ncrafts | CWE-89 | 7.2 |