Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2023-06-05 | CVE-2023-29630 | SQL Injection vulnerability in Joommasters JMS Drop Mega Menu 1.0.0/2.0.0 | PrestaShop jmsmegamenu 1.1.x and 2.0.x is vulnerable to SQL Injection via ajax_jmsmegamenu.php. | 9.8 |
2023-06-02 | CVE-2023-33762 | SQL Injection vulnerability in Simpleredak 2.47.23.05 | eMedia Consulting simpleRedak up to v2.47.23.05 was discovered to contain a SQL injection vulnerability via the Activity parameter. | 9.8 |
2023-06-02 | CVE-2023-30149 | SQL Injection vulnerability in Ebewe City Autocomplete 1.8.12 | SQL injection vulnerability in the City Autocomplete (cityautocomplete) module from ebewe.net for PrestaShop, prior to version 1.8.12 (for PrestaShop version 1.5/1.6) or prior to 2.0.3 (for PrestaShop version 1.7), allows remote attackers to execute arbitrary SQL commands via the type, input_name. | 9.8 |
2023-06-02 | CVE-2023-34362 | SQL Injection vulnerability in Progress Moveit Cloud and Moveit Transfer | In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. | 9.8 |
2023-06-02 | CVE-2023-2201 | SQL Injection vulnerability in Salephpscripts web Directory Free | The Web Directory Free for WordPress is vulnerable to SQL Injection via the ‘post_id’ parameter in versions up to, and including, 1.6.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 8.8 |
2023-06-01 | CVE-2023-29154 | SQL Injection vulnerability in Contec Conprosys HMI System | SQL injection vulnerability exists in the CONPROSYS HMI System (CHS) versions prior to 3.5.3. | 7.2 |
2023-05-31 | CVE-2023-33967 | SQL Injection vulnerability in Megaease Easeprobe | EaseProbe is a tool that can do health/status checking. | 9.8 |
2023-05-31 | CVE-2023-33509 | SQL Injection vulnerability in Kramerav VIA GO2 Firmware | KramerAV VIA GO² < 4.0.1.1326 is vulnerable to SQL Injection. | 9.8 |
2023-05-31 | CVE-2021-31233 | SQL Injection vulnerability in Fighting Cock Information System Project Fighting Cock Information System 1.0 | SQL Injection vulnerability found in Fighting Cock Information System v.1.0 allows a remote attacker to obtain sensitive information via the edit_breed.php parameter. | 7.5 |
2023-05-30 | CVE-2023-33734 | SQL Injection vulnerability in Bluecms Project Bluecms 1.6 | BlueCMS v1.6 was discovered to contain a SQL injection vulnerability via the keywords parameter at search.php. | 9.8 |