Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-16 | CVE-2022-4547 | SQL Injection vulnerability in Thedotstore Conditional Payment Methods for Woocommerce. The Conditional Payment Methods for WooCommerce WordPress plugin through 1.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. | 7.2 |
2023-01-16 | CVE-2018-25076 | SQL Injection vulnerability in Events Project Events. A vulnerability classified as critical was found in Events Extension on BigTree. | 9.8 |
2023-01-16 | CVE-2021-4313 | SQL Injection vulnerability in Nethserver-Phonenehome Project Nethserver-Phonenehome. A vulnerability was found in NethServer phonenehome. | 9.8 |
2023-01-16 | CVE-2022-41703 | SQL Injection vulnerability in Apache Superset. A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the feature flag "ALLOW_ADHOC_SUBQUERY" disabled (default value). | 5.4 |
2023-01-15 | CVE-2022-4889 | SQL Injection vulnerability in Stracker Project Stracker. A vulnerability classified as critical was found in visegripped Stracker. | 9.8 |
2023-01-13 | CVE-2022-46093 | SQL Injection vulnerability in Hospital Management System Project Hospital Management System 1.0. Hospital Management System v1.0 is vulnerable to SQL Injection. | 8.2 |
2023-01-13 | CVE-2017-20169 | SQL Injection vulnerability in Ton-Masterserver Project Ton-Masterserver. A vulnerability, which was classified as critical, has been found in GGGGGGGG ToN-MasterServer. | 9.8 |
2023-01-13 | CVE-2022-46946 | SQL Injection vulnerability in Helmet Store Showroom Site Project Helmet Store Showroom Site 1.0. Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_brand. | 7.2 |
2023-01-13 | CVE-2022-46947 | SQL Injection vulnerability in Helmet Store Showroom Site Project Helmet Store Showroom Site 1.0. Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_category. | 7.2 |
2023-01-13 | CVE-2022-46949 | SQL Injection vulnerability in Helmet Store Showroom Site Project Helmet Store Showroom Site 1.0. Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_helmet. | 7.2 |