Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-05 | CVE-2023-30243 | SQL Injection vulnerability in Netentsec Application Security Gateway 6.3 Beijing Netcon NS-ASG Application Security Gateway v6.3 is vulnerable to SQL Injection via TunnelId that allows access to sensitive information. | 7.5 |
| 2023-05-05 | CVE-2023-30242 | SQL Injection vulnerability in Netentsec Application Security Gateway 6.3 NS-ASG v6.3 was discovered to contain a SQL injection vulnerability via the component /admin/add_ikev2.php. | 9.8 |
| 2023-05-04 | CVE-2023-30203 | SQL Injection vulnerability in Judging Management System Project Judging Management System 1.0 Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the event_id parameter at /php-jms/result_sheet.php. | 9.8 |
| 2023-05-04 | CVE-2023-23470 | SQL Injection vulnerability in IBM I IBM i 7.2, 7.3, 7.4, and 7.5 could allow an authenticated privileged administrator to gain elevated privileges in non-default configurations, as a result of improper SQL processing. | 6.4 |
| 2023-05-04 | CVE-2022-4259 | SQL Injection vulnerability in Nozominetworks CMC and Guardian Due to improper input validation in the Alerts controller, a SQL injection vulnerability in Nozomi Networks Guardian and CMC allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application. | 8.8 |
| 2023-05-04 | CVE-2023-29842 | SQL Injection vulnerability in Churchcrm 4.5.4 ChurchCRM 4.5.4 endpoint /EditEventTypes.php is vulnerable to Blind SQL Injection (Time-based) via the EN_tyid POST parameter. | 8.8 |
| 2023-05-04 | CVE-2023-30077 | SQL Injection vulnerability in Judging Management System Project Judging Management System 1.0 Judging Management System v1.0 by oretnom23 was discovered to vulnerable to SQL injection via /php-jms/review_result.php?mainevent_id=, mainevent_id. | 9.8 |
| 2023-05-04 | CVE-2023-27568 | SQL Injection vulnerability in Spryker Commerce OS 0.9 SQL injection vulnerability inSpryker Commerce OS 0.9 that allows for access to sensitive data via customer/order?orderSearchForm[searchText]= | 8.8 |
| 2023-05-03 | CVE-2023-30204 | SQL Injection vulnerability in Judging Management System Project Judging Management System 1.0 Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the judge_id parameter at /php-jms/edit_judge.php. | 9.8 |
| 2023-05-02 | CVE-2023-30944 | SQL Injection vulnerability in multiple products The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. | 7.3 |