Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-23 | CVE-2023-1607 | SQL Injection vulnerability in Xxyopen Novel-Plus 3.6.2 A vulnerability was found in novel-plus 3.6.2. | 8.8 |
| 2023-03-23 | CVE-2023-1608 | SQL Injection vulnerability in Crmeb Java 1.3.4 A vulnerability was found in Zhong Bang CRMEB Java up to 1.3.4. | 9.8 |
| 2023-03-23 | CVE-2023-1610 | SQL Injection vulnerability in Ruifang-Tech Rebuild A vulnerability, which was classified as critical, has been found in Rebuild up to 3.2.3. | 9.8 |
| 2023-03-23 | CVE-2023-1606 | SQL Injection vulnerability in Xxyopen Novel-Plus 3.6.2 A vulnerability was found in novel-plus 3.6.2 and classified as critical. | 9.8 |
| 2023-03-23 | CVE-2023-1050 | SQL Injection vulnerability in Askoc web Report System Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in As Koc Energy Web Report System allows SQL Injection.This issue affects Web Report System: before 23.03.10. | 9.8 |
| 2023-03-23 | CVE-2023-24655 | SQL Injection vulnerability in Simple Customer Relationship Management System Project Simple Customer Relationship Management System 1.0 Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter under the Profile Update function. | 9.8 |
| 2023-03-22 | CVE-2023-28659 | SQL Injection vulnerability in Plugin Waiting The Waiting: One-click Countdowns WordPress Plugin, version <= 0.6.2, is affected by an authenticated SQL injection vulnerability in the pbc_down[meta][id] parameter of the pbc_save_downs action. | 8.8 |
| 2023-03-22 | CVE-2023-28660 | SQL Injection vulnerability in E-Dynamics Events Made Easy The Events Made Easy WordPress Plugin, version <= 2.3.14 is affected by an authenticated SQL injection vulnerability in the 'search_name' parameter in the eme_recurrences_list action. | 8.8 |
| 2023-03-22 | CVE-2023-28661 | SQL Injection vulnerability in Accesspressthemes WP Popup Banners The WP Popup Banners WordPress Plugin, version <= 1.2.5, is affected by an authenticated SQL injection vulnerability in the 'value' parameter in the get_popup_data action. | 8.8 |
| 2023-03-22 | CVE-2023-28662 | SQL Injection vulnerability in Codemenschen Gift Vouchers The Gift Cards (Gift Vouchers and Packages) WordPress Plugin, version <= 4.3.1, is affected by an unauthenticated SQL injection vulnerability in the template parameter in the wpgv_doajax_voucher_pdf_save_func action. | 9.8 |