Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-23 | CVE-2024-10296 | SQL Injection vulnerability in Anujkumar Medical Card Generation System 1.0 A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. | 7.2 |
| 2024-10-23 | CVE-2024-20340 | SQL Injection vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to perform an SQL injection attack against an affected device. | 6.5 |
| 2024-10-23 | CVE-2024-10291 | SQL Injection vulnerability in Zzcms 2023 A vulnerability has been found in ZZCMS 2023 and classified as critical. | 9.8 |
| 2024-10-23 | CVE-2024-10278 | SQL Injection vulnerability in Esafenet CDG 5 A vulnerability was found in ESAFENET CDG 5. | 9.8 |
| 2024-10-23 | CVE-2024-10279 | SQL Injection vulnerability in Esafenet CDG 5 A vulnerability was found in ESAFENET CDG 5. | 9.8 |
| 2024-10-23 | CVE-2024-10277 | SQL Injection vulnerability in Esafenet CDG 5 A vulnerability was found in ESAFENET CDG 5 and classified as critical. | 9.8 |
| 2024-10-22 | CVE-2024-44812 | SQL Injection vulnerability in Janobe Online Complaint Site 1.0 SQL Injection vulnerability in Online Complaint Site v.1.0 allows a remote attacker to escalate privileges via the username and password parameters in the /admin.index.php component. | 9.8 |
| 2024-10-22 | CVE-2024-48657 | SQL Injection vulnerability in Princelycesar Hospital Management System 1.0 SQL Injection vulnerability in hospital management system in php with source code v.1.0.0 allows a remote attacker to execute arbitrary code. | 7.2 |
| 2024-10-22 | CVE-2024-46902 | SQL Injection vulnerability in Trendmicro Deep Discovery Inspector 6.6/6.7 A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Please note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on the target system in order to exploit this vulnerability. | 9.1 |
| 2024-10-22 | CVE-2024-48570 | SQL Injection vulnerability in PHPgurukul Client Management System 1.0 Client Management System 1.0 was discovered to contain a SQL injection vulnerability via the Between Dates Reports parameter at /admin/bwdates-reports-ds.php. | 7.5 |