Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-06 | CVE-2020-36071 | SQL Injection vulnerability in Tailor Management System Project Tailor Management System 1.0 SQL injection vulnerability found in Tailor Management System v.1 allows a remote authenticated attacker to execute arbitrary code via the customer parameter of the email.php page. | 8.8 |
| 2023-04-06 | CVE-2020-36072 | SQL Injection vulnerability in Tailor Management System Project Tailor Management System 1.0 SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the id parameter. | 8.8 |
| 2023-04-06 | CVE-2020-36073 | SQL Injection vulnerability in Tailor Management System Project Tailor Management System 1.0 SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the detail parameter of the document.php page. | 8.8 |
| 2023-04-06 | CVE-2020-36074 | SQL Injection vulnerability in Tailor Mangement System Project Tailor Mangement System 1.0 SQL injection vulnerability found in Tailor Mangement System v.1 allows a remote attacker to execute arbitrary code via the title parameter. | 8.8 |
| 2023-04-05 | CVE-2022-31890 | SQL Injection vulnerability in Enhancesoft Audit LOG SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function. | 9.8 |
| 2023-04-05 | CVE-2023-1522 | SQL Injection vulnerability in Genetec Security Center 5.11.2 SQL Injection in the Hardware Inventory report of Security Center 5.11.2. | 8.8 |
| 2023-04-05 | CVE-2023-26856 | SQL Injection vulnerability in Dynamic Transaction Queuing System Project Dynamic Transaction Queuing System 1.0 Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/ajax.php?action=login. | 7.2 |
| 2023-04-05 | CVE-2023-25330 | SQL Injection vulnerability in Mybatis A SQL injection vulnerability in Mybatis plus below 3.5.3.1 allows remote attackers to execute arbitrary SQL commands via the tenant ID valuer. | 9.8 |
| 2023-04-05 | CVE-2023-1850 | SQL Injection vulnerability in Online Payroll System Project Online Payroll System 1.0 A vulnerability was found in SourceCodester Online Payroll System 1.0. | 9.8 |
| 2023-04-05 | CVE-2023-1856 | SQL Injection vulnerability in AIR Cargo Management System Project AIR Cargo Management System 1.0 A vulnerability has been found in SourceCodester Air Cargo Management System 1.0 and classified as critical. | 9.8 |