Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2023-01-31 CVE-2023-24163 SQL Injection vulnerability in Hutool
SQL Inection vulnerability in Dromara hutool before 5.8.21 allows attacker to execute arbitrary code via the aviator template engine.
network
low complexity
hutool CWE-89
critical
 9.8
9.8
2023-01-30 CVE-2023-22324 SQL Injection vulnerability in Contec Conprosys HMI System
SQL injection vulnerability in the CONPROSYS HMI System (CHS) Ver.3.5.0 and earlier allows a remote authenticated attacker to execute an arbitrary SQL command.
network
low complexity
contec CWE-89
6.5
6.5
2023-01-30 CVE-2022-27596 SQL Injection vulnerability in Qnap QTS and Quts Hero
A vulnerability has been reported to affect QNAP device running QuTS hero, QTS.
network
low complexity
qnap CWE-89
critical
 9.8
9.8
2023-01-27 CVE-2022-48011 SQL Injection vulnerability in Opencats 0.9.7
Opencats v0.9.7 was discovered to contain a SQL injection vulnerability via the importID parameter in the Import viewerrors function.
network
low complexity
opencats CWE-89
critical
 9.8
9.8
2023-01-27 CVE-2022-44298 SQL Injection vulnerability in Sscms Siteserver CMS 7.1.3
SiteServer CMS 7.1.3 is vulnerable to SQL Injection.
network
low complexity
sscms CWE-89
critical
 9.8
9.8
2023-01-26 CVE-2022-46966 SQL Injection vulnerability in Revenue Collection System Project Revenue Collection System 1.0
Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php.
network
low complexity
revenue-collection-system-project CWE-89
critical
 9.8
9.8
2023-01-26 CVE-2022-46999 SQL Injection vulnerability in Tuzicms 2.0.6
Tuzicms v2.0.6 was discovered to contain a SQL injection vulnerability via the component \App\Manage\Controller\UserController.class.php.
network
low complexity
tuzicms CWE-89
critical
 9.8
9.8
2023-01-26 CVE-2022-44297 SQL Injection vulnerability in Sscms Siteserver CMS 7.1.3
SiteServer CMS 7.1.3 has a SQL injection vulnerability the background.
network
low complexity
sscms CWE-89
critical
 9.8
9.8
2023-01-26 CVE-2020-22452 SQL Injection vulnerability in PHPmyadmin
SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php.
network
low complexity
phpmyadmin CWE-89
critical
 9.8
9.8
2023-01-26 CVE-2022-41142 SQL Injection vulnerability in Centreon 22.04.2
This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon.
network
low complexity
centreon CWE-89
8.8
8.8