Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-03 | CVE-2023-30204 | SQL Injection vulnerability in Judging Management System Project Judging Management System 1.0 Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the judge_id parameter at /php-jms/edit_judge.php. | 9.8 |
| 2023-05-02 | CVE-2023-30944 | SQL Injection vulnerability in multiple products The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. | 7.3 |
| 2023-05-02 | CVE-2023-31433 | SQL Injection vulnerability in Evasys 8.2/9.0 A SQL injection issue in Logbuch in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allows authenticated attackers to execute SQL statements via the welche parameter. | 8.8 |
| 2023-04-28 | CVE-2023-26781 | SQL Injection vulnerability in Chshcms Mccms 2.6 SQL injection vulnerability in mccms 2.6 allows remote attackers to run arbitrary SQL commands via Author Center ->Reader Comments ->Search. | 9.8 |
| 2023-04-28 | CVE-2023-26813 | SQL Injection vulnerability in Wang.Market Wangmarket CMS 4.10 SQL injection vulnerability in com.xnx3.wangmarket.plugin.dataDictionary.controller.DataDictionaryPluginController.java in wangmarket CMS 4.10 allows remote attackers to run arbitrary SQL commands via the TableName parameter to /plugin/dataDictionary/tableView.do. | 9.8 |
| 2023-04-26 | CVE-2023-30211 | SQL Injection vulnerability in Ourphp OURPHP <= 7.2.0 is vulnerable to SQL Injection. | 9.8 |
| 2023-04-26 | CVE-2023-30112 | SQL Injection vulnerability in Medicine Tracker System Project Medicine Tracker System 1.0.0 Medicine Tracker System in PHP 1.0.0 is vulnerable to SQL Injection. | 7.5 |
| 2023-04-26 | CVE-2012-5872 | SQL Injection vulnerability in Arc2 Project Arc2 20111201 ARC (aka ARC2) through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2_StoreSelectQueryHandler.php via comments in a SPARQL WHERE clause. | 9.8 |
| 2023-04-26 | CVE-2023-27843 | SQL Injection vulnerability in ASK for a Quote Project ASK for a Quote SQL injection vulnerability found in PrestaShop askforaquote v.5.4.2 and before allow a remote attacker to gain privileges via the QuotesProduct::deleteProduct component. | 9.8 |
| 2023-04-25 | CVE-2023-30839 | SQL Injection vulnerability in Prestashop PrestaShop is an Open Source e-commerce web application. | 8.8 |