Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-02 | CVE-2023-26780 | SQL Injection vulnerability in Yf-Exam Project Yf-Exam 1.8.0 CleverStupidDog yf-exam v 1.8.0 is vulnerable to SQL Injection. | 9.8 |
| 2023-03-02 | CVE-2021-3854 | SQL Injection vulnerability in Glox Useroam Hotspot Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Glox Technology Useroam Hotspot allows SQL Injection. This issue affects Useroam Hotspot: before 5.1.0.15. | 9.8 |
| 2023-03-01 | CVE-2023-23315 | SQL Injection vulnerability in Stripe Payment PRO The PrestaShop e-commerce platform module stripejs contains a Blind SQL injection vulnerability up to version 4.5.5. | 9.8 |
| 2023-03-01 | CVE-2023-1064 | SQL Injection vulnerability in Uzaybaskul Weighbridge Automation Software Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Uzay Baskul Weighbridge Automation Software allows SQL Injection.This issue affects Weighbridge Automation Software: before 1.1. | 9.8 |
| 2023-03-01 | CVE-2023-0953 | SQL Injection vulnerability in Devolutions Server Insufficient input sanitization in the documentation feature of Devolutions Server 2022.3.12 and earlier allows an authenticated attacker to perform an SQL Injection, potentially resulting in unauthorized access to system resources. | 8.8 |
| 2023-02-28 | CVE-2023-25432 | SQL Injection vulnerability in Online Reviewer Management System Project Online Reviewer Management System 1.0 An issue was discovered in Online Reviewer Management System v1.0. | 7.2 |
| 2023-02-27 | CVE-2023-24258 | SQL Injection vulnerability in Spip SPIP v4.1.5 and earlier was discovered to contain a SQL injection vulnerability via the _oups parameter. | 9.8 |
| 2023-02-27 | CVE-2023-24253 | SQL Injection vulnerability in Domoticalabs Ikon Server Domotica Labs srl Ikon Server before v2.8.6 was discovered to contain a SQL injection vulnerability. | 9.8 |
| 2023-02-27 | CVE-2023-0487 | SQL Injection vulnerability in Premio MY Sticky Elements The My Sticky Elements WordPress plugin before 2.0.9 does not properly sanitise and escape a parameter before using it in a SQL statement when deleting messages, leading to a SQL injection exploitable by high privilege users such as admin | 7.2 |
| 2023-02-27 | CVE-2023-23155 | SQL Injection vulnerability in PHPgurukul ART Gallery Management System 1.0 Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the username parameter in the Admin Login. | 9.8 |