Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-21 | CVE-2023-25157 | SQL Injection vulnerability in Osgeo Geoserver: GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. | 9.8 |
2023-02-21 | CVE-2023-25158 | SQL Injection vulnerability in Geotools: GeoTools is an open source Java library that provides tools for geospatial data. | 9.8 |
2023-02-21 | CVE-2022-45564 | SQL Injection vulnerability in Znfit Home Improvement ERP Management System 42: SQL Injection vulnerability in znfit Home improvement ERP management system V50_20220207,v42 allows attackers to execute arbitrary sql commands via the userCode parameter to the wechat applet. | 9.8 |
2023-02-21 | CVE-2022-45677 | SQL Injection vulnerability in Tuition Management System Project Tuition Management System: SQL Injection Vulnerability in tanujpatra228 Tution Management System (TMS) via the email parameter to processes/student_login.process.php. | 9.8 |
2023-02-20 | CVE-2023-26093 | SQL Injection vulnerability in Puzzle Liima: Liima before 1.17.28 allows Hibernate query language (HQL) injection, related to colToSort in the deployment filter. | 9.8 |
2023-02-18 | CVE-2023-0903 | SQL Injection vulnerability in Employee Task Management System Project Employee Task Management System 1.0: A vulnerability was found in SourceCodester Employee Task Management System 1.0. | 8.8 |
2023-02-17 | CVE-2023-23279 | SQL Injection vulnerability in Canteen Management System Project Canteen Management System 1.0: Canteen Management System 1.0 is vulnerable to SQL Injection via /php_action/getOrderReport.php. | 9.8 |
2023-02-17 | CVE-2021-32441 | SQL Injection vulnerability in Exponentcms Exponent CMS 2.6.0: SQL Injection vulnerability in Exponent-CMS v.2.6.0 fixed in 2.7.0 allows attackers to gain access to sensitive information via the selectValue function in the expConfig class. | 7.5 |
2023-02-17 | CVE-2021-33948 | SQL Injection vulnerability in Hotels Server Project Hotels Server 1.0: SQL injection vulnerability in FantasticLBP Hotels Server v1.0 allows attacker to execute arbitrary code via the username parameter. | 9.8 |
2023-02-17 | CVE-2023-26020 | SQL Injection vulnerability in Craftercms Crafter CMS: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection. This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26. | 7.2 |