Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2023-06-13 CVE-2023-33817 SQL Injection vulnerability in Digitaldruid Hoteldruid 3.0.5
hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability.
network, low complexity, digitaldruid, CWE-89, 8.8
2023-06-12 CVE-2023-34581 SQL Injection vulnerability in Oretnom23 Service Provider Management System 1.0
Sourcecodester Service Provider Management System v1.0 is vulnerable to SQL Injection via the ID parameter in /php-spms/?page=services/view&id=2
network, low complexity, oretnom23, CWE-89, critical, 9.8
2023-06-12 CVE-2023-35036 SQL Injection vulnerability in Progress Moveit Transfer
In Progress MOVEit Transfer before 2021.0.7 (13.0.7), 2021.1.5 (13.1.5), 2022.0.5 (14.0.5), 2022.1.6 (14.1.6), and 2023.0.2 (15.0.2), SQL injection vulnerabilities have been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database.
network, low complexity, progress, CWE-89, critical, 9.1
2023-06-11 CVE-2023-22583 SQL Injection vulnerability in Danfoss Ak-Em100 Firmware
The Danfoss AK-EM100 web forms allow for SQL injection in the login forms.
network, low complexity, danfoss, CWE-89, critical, 9.8
2023-06-09 CVE-2023-33557 SQL Injection vulnerability in Thedaylightstudio Fuel CMS 1.5.2
Fuel CMS v1.5.2 was discovered to contain a SQL injection vulnerability via the id parameter at /controllers/Blocks.php.
network, low complexity, thedaylightstudio, CWE-89, 8.8
2023-06-08 CVE-2023-3163 SQL Injection vulnerability in Ruoyi
A vulnerability was found in y_project RuoYi up to 4.7.7.
network, low complexity, ruoyi, CWE-89, 7.5
2023-06-07 CVE-2023-3145 SQL Injection vulnerability in Online Discussion Forum Site Project Online Discussion Forum Site 1.0
A vulnerability, which was classified as critical, has been found in SourceCodester Online Discussion Forum Site 1.0.
8.8
2023-06-07 CVE-2021-4340 SQL Injection vulnerability in Stylemixthemes Ulisting
The uListing plugin for WordPress is vulnerable to generic SQL Injection via the ‘listing_id’ parameter in versions up to, and including, 1.6.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network, low complexity, stylemixthemes, CWE-89, 7.5
2023-06-06 CVE-2023-29632 SQL Injection vulnerability in Joommasters Jmspagebuilder
PrestaShop jmspagebuilder 3.x is vulnerable to SQL Injection via ajax_jmspagebuilder.php.
network, low complexity, joommasters, CWE-89, critical, 9.8
2023-06-05 CVE-2023-29629 SQL Injection vulnerability in Jmsthemelayout Project Jmsthemelayout 2.5.5
PrestaShop jmsthemelayout 2.5.5 is vulnerable to SQL Injection via ajax_jmsvermegamenu.php.
network, low complexity, jmsthemelayout-project, CWE-89, critical, 9.8