Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE	CVE	VULNERABILITY TITLE	RISK
2023-05-12	CVE-2023-30192	SQL Injection vulnerability in Prestashop Possearchproducts 1.7 Prestashop possearchproducts 1.7 is vulnerable to SQL Injection via PosSearch::find(). network low complexity prestashop CWE-89 critical	9.8
2023-05-11	CVE-2023-28359	SQL Injection vulnerability in Rocket.Chat A NoSQL injection vulnerability has been identified in the listEmojiCustom method call within Rocket.Chat. network low complexity rocket-chat CWE-89	5.3
2023-05-11	CVE-2023-2659	SQL Injection vulnerability in Oretnom23 Online Computer and Laptop Store 1.0 A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. network low complexity oretnom23 CWE-89 critical	9.8
2023-05-11	CVE-2023-29863	SQL Injection vulnerability in Medisys Weblab 19.4.03 Medical Systems Co. network low complexity medisys CWE-89 critical	9.8
2023-05-10	CVE-2023-30194	SQL Injection vulnerability in Prestashop Poststaticfooter Prestashop posstaticfooter <= 1.0.0 is vulnerable to SQL Injection via posstaticfooter::getPosCurrentHook(). network low complexity prestashop CWE-89 critical	9.8
2023-05-10	CVE-2023-32569	SQL Injection vulnerability in Veritas Infoscale Operations Manager An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. network low complexity veritas CWE-89 critical	9.8
2023-05-08	CVE-2023-30092	SQL Injection vulnerability in Online Pizza Ordering System Project Online Pizza Ordering System 1.0 SourceCodester Online Pizza Ordering System v1.0 is vulnerable to SQL Injection via the QTY parameter. network low complexity online-pizza-ordering-system-project CWE-89 critical	9.8
2023-05-08	CVE-2020-23966	SQL Injection vulnerability in Victor CMS Project Victor CMS 1.0 SQL Injection vulnerability in victor cms 1.0 allows attackers to execute arbitrary commands via the post parameter to /post.php in a crafted GET request. network low complexity victor-cms-project CWE-89 critical	9.8
2023-05-08	CVE-2021-28999	SQL Injection vulnerability in Cmsmadesimple CMS Made Simple SQL Injection vulnerability in CMS Made Simple through 2.2.15 allows remote attackers to execute arbitrary commands via the m1_sortby parameter to modules/News/function.admin_articlestab.php. network low complexity cmsmadesimple CWE-89	8.8
2023-05-08	CVE-2023-30018	SQL Injection vulnerability in Judging Management System Project Judging Management System 1.0 Judging Management System v1.0 is vulnerable to SQL Injection. network low complexity judging-management-system-project CWE-89 critical	9.8