Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-12 | CVE-2022-45089 | SQL Injection vulnerability in Gruparge Smartpower web Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection.This issue affects Smartpower Web: before 23.01.01. | 8.8 |
| 2023-02-12 | CVE-2022-45090 | SQL Injection vulnerability in Gruparge Smartpower web Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection.This issue affects Smartpower Web: before 23.01.01. | 8.8 |
| 2023-02-10 | CVE-2023-23162 | SQL Injection vulnerability in PHPgurukul ART Gallery Management System 1.0 Art Gallery Management System Project v1.0 was discovered to contain a SQL injection vulnerability via the cid parameter at product.php. | 9.8 |
| 2023-02-10 | CVE-2023-23163 | SQL Injection vulnerability in PHPgurukul ART Gallery Management System 1.0 Art Gallery Management System Project v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter. | 9.8 |
| 2023-02-09 | CVE-2023-24684 | SQL Injection vulnerability in Churchcrm ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the EID parameter at GetText.php. | 7.2 |
| 2023-02-09 | CVE-2023-24685 | SQL Injection vulnerability in Churchcrm ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the Event parameter under the Event Attendance reports module. | 7.2 |
| 2023-02-09 | CVE-2023-22794 | SQL Injection vulnerability in Activerecord Project Activerecord A vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. | 8.8 |
| 2023-02-08 | CVE-2022-45526 | SQL Injection vulnerability in Institutional Management Website Project Institutional Management Website 1.0 SQL Injection vulnerability in Future-Depth Institutional Management Website (IMS) 1.0, allows attackers to execute arbitrary commands via the ad parameter to /admin_area/login_transfer.php. | 9.8 |
| 2023-02-06 | CVE-2022-45589 | SQL Injection vulnerability in Talend ESB Runtime 5.1/7.1.1R202109/8.0 All versions before 8.0.1-R2022-10-RT and 7.3.1-R2022-09-RT of the Talend ESB Runtime are potentially vulnerable to SQL Injection attacks in the provisioning service only. | 7.2 |
| 2023-02-06 | CVE-2023-24198 | SQL Injection vulnerability in Oretnom23 Raffle Draw System 1.0 Raffle Draw System v1.0 was discovered to contain multiple SQL injection vulnerabilities at save_winner.php via the ticket_id and draw parameters. | 9.8 |