Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2024-02-14 CVE-2024-25212 SQL Injection vulnerability in Sherlock Employee Management System 1.0
Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /delete.php.
network
low complexity
sherlock CWE-89
7.2
2024-02-14 CVE-2024-25213 SQL Injection vulnerability in Sherlock Employee Management System 1.0
Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /edit.php.
network
low complexity
sherlock CWE-89
7.2
2024-02-14 CVE-2024-25214 SQL Injection vulnerability in Sherlock Employee Management System 1.0
An issue in Employee Managment System v1.0 allows attackers to bypass authentication via injecting a crafted payload into the E-mail and Password parameters at /alogin.html.
network
low complexity
sherlock CWE-89
critical
9.8
2024-02-14 CVE-2024-25215 SQL Injection vulnerability in Sherlock Employee Management System 1.0
Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the pwd parameter at /aprocess.php.
network
low complexity
sherlock CWE-89
critical
9.8
2024-02-14 CVE-2024-25216 SQL Injection vulnerability in Sherlock Employee Management System 1.0
Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the mailud parameter at /aprocess.php.
network
low complexity
sherlock CWE-89
critical
9.8
2024-02-14 CVE-2024-25220 SQL Injection vulnerability in Task Manager in PHP With Source Code Project Task Manager in PHP With Source Code 1.0
Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the taskID parameter at /TaskManager/EditTask.php.
network
low complexity
task-manager-in-php-with-source-code-project CWE-89
critical
9.8
2024-02-14 CVE-2024-25222 SQL Injection vulnerability in Task Manager in PHP With Source Code Project Task Manager in PHP With Source Code 1.0
Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the projectID parameter at /TaskManager/EditProject.php.
network
low complexity
task-manager-in-php-with-source-code-project CWE-89
critical
9.8
2024-02-14 CVE-2023-6441 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in UNI-PA University Marketing & Computer Internet Trade Inc.
network
low complexity
CWE-89
critical
9.8
2024-02-14 CVE-2023-48987 SQL Injection vulnerability in Cusg Content Management System
Blind SQL Injection vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the pages.php component.
network
low complexity
cusg CWE-89
7.5
2024-02-13 CVE-2024-22923 SQL Injection vulnerability in Advradius ADV Radius 2.2.5
SQL injection vulnerability in adv radius v.2.2.5 allows a local attacker to execute arbitrary code via a crafted script.
network
low complexity
advradius CWE-89
critical
9.8