Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2023-03-27 CVE-2023-27847 SQL Injection vulnerability in Xipblog Project Xipblog 2.0.1
SQL injection vulnerability found in PrestaShop xipblog v.2.0.1 and before allow a remote attacker to gain privileges via the xipcategoryclass and xippostsclass components.
network
low complexity
xipblog-project CWE-89
critical
 9.8
9.8
2023-03-27 CVE-2023-26959 SQL Injection vulnerability in PHPgurukul Park Ticketing Management System 1.0
Phpgurukul Park Ticketing Management System 1.0 is vulnerable to SQL Injection via the User Name parameter.
network
low complexity
phpgurukul CWE-89
critical
 9.8
9.8
2023-03-27 CVE-2023-28883 SQL Injection vulnerability in Cerebrate-Project Cerebrate 1.13
In Cerebrate 1.13, a blind SQL injection exists in the searchAll API endpoint.
network
low complexity
cerebrate-project CWE-89
critical
 9.8
9.8
2023-03-25 CVE-2015-10097 SQL Injection vulnerability in Grinnellplans 2.7/3.0
A vulnerability was found in grinnellplans-php up to 3.0.
network
low complexity
grinnellplans CWE-89
critical
 9.8
9.8
2023-03-24 CVE-2023-26864 SQL Injection vulnerability in Smplredirectionsmanager Project Smplredirectionsmanager
SQL injection vulnerability found in PrestaShop smplredirectionsmanager v.1.1.19 and before allow a remote attacker to gain privileges via the SmplTools::getMatchingRedirectionsFromPartscomponent.
network
low complexity
smplredirectionsmanager-project CWE-89
critical
 9.8
9.8
2023-03-24 CVE-2023-25350 SQL Injection vulnerability in Ladybirdweb Faveo Helpdesk
Faveo Helpdesk 1.0-1.11.1 is vulnerable to SQL Injection.
network
low complexity
ladybirdweb CWE-89
8.8
8.8
2023-03-23 CVE-2023-27034 SQL Injection vulnerability in Joommasters JMS Blog 2.5.5/2.5.6
PrestaShop jmsblog 2.5.5 was discovered to contain a SQL injection vulnerability.
network
low complexity
joommasters CWE-89
critical
 9.8
9.8
2023-03-23 CVE-2023-1612 SQL Injection vulnerability in Ruifang-Tech Rebuild
A vulnerability, which was classified as critical, was found in Rebuild up to 3.2.3.
network
low complexity
ruifang-tech CWE-89
critical
 9.8
9.8
2023-03-23 CVE-2023-24788 SQL Injection vulnerability in Notrinos Notrinoserp 0.7
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customer_delivery.php.
network
low complexity
notrinos CWE-89
8.8
8.8
2023-03-23 CVE-2023-28329 SQL Injection vulnerability in Moodle
Insufficient validation of profile field availability condition resulted in an SQL injection risk (by default only available to teachers and managers).
network
low complexity
moodle CWE-89
8.8
8.8