Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2023-06-15 CVE-2023-34626 SQL Injection vulnerability in Piwigo
Piwigo 13.7.0 is vulnerable to SQL Injection via the "Users" function.
network
low complexity
piwigo CWE-89
4.3
4.3
2023-06-14 CVE-2023-30150 SQL Injection vulnerability in Leotheme Leocustomajax 1.0.0
PrestaShop leocustomajax 1.0 and 1.0.0 are vulnerable to SQL Injection via modules/leocustomajax/leoajax.php.
network
low complexity
leotheme CWE-89
critical
 9.8
9.8
2023-06-14 CVE-2023-31671 SQL Injection vulnerability in Webbax Postfinance 17.1.13
PrestaShop postfinance <= 17.1.13 is vulnerable to SQL Injection via PostfinanceValidationModuleFrontController::postProcess().
network
low complexity
webbax CWE-89
critical
 9.8
9.8
2023-06-14 CVE-2023-34750 SQL Injection vulnerability in Bloofox Bloofoxcms 0.5.2.1
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=projects&action=edit.
network
low complexity
bloofox CWE-89
critical
 9.8
9.8
2023-06-14 CVE-2023-34751 SQL Injection vulnerability in Bloofox Bloofoxcms 0.5.2.1
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the gid parameter at admin/index.php?mode=user&page=groups&action=edit.
network
low complexity
bloofox CWE-89
critical
 9.8
9.8
2023-06-14 CVE-2023-34752 SQL Injection vulnerability in Bloofox Bloofoxcms 0.5.2.1
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the lid parameter at admin/index.php?mode=settings&page=lang&action=edit.
network
low complexity
bloofox CWE-89
critical
 9.8
9.8
2023-06-14 CVE-2023-34753 SQL Injection vulnerability in Bloofox Bloofoxcms 0.5.2.1
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the tid parameter at admin/index.php?mode=settings&page=tmpl&action=edit.
network
low complexity
bloofox CWE-89
critical
 9.8
9.8
2023-06-14 CVE-2023-34754 SQL Injection vulnerability in Bloofox Bloofoxcms 0.5.2.1
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the pid parameter at admin/index.php?mode=settings&page=plugins&action=edit.
network
low complexity
bloofox CWE-89
critical
 9.8
9.8
2023-06-14 CVE-2023-34755 SQL Injection vulnerability in Bloofox Bloofoxcms 0.5.2.1
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the userid parameter at admin/index.php?mode=user&action=edit.
network
low complexity
bloofox CWE-89
critical
 9.8
9.8
2023-06-14 CVE-2023-34756 SQL Injection vulnerability in Bloofox Bloofoxcms 0.5.2.1
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=charset&action=edit.
network
low complexity
bloofox CWE-89
critical
 9.8
9.8