VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-03-05
CVE-2024-12097
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Boceksoft Informatics E-Travel allows SQL Injection.This issue affects E-Travel: before 15.12.2024.
network
low complexity
CWE-89
critical
9.8
9.8
2025-03-05
CVE-2024-13147
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Merkur Software B2B Login Panel allows SQL Injection.This issue affects B2B Login Panel: before 15.01.2025.
network
low complexity
CWE-89
critical
9.8
9.8
2025-03-05
CVE-2025-1702
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the 'search' parameter in all versions up to, and including, 2.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
CWE-89
7.5
7.5
2025-03-05
CVE-2024-13778
The Hero Mega Menu - Responsive WordPress Menu Plugin plugin for WordPress is vulnerable to SQL Injection via several functions in all versions up to, and including, 1.16.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
CWE-89
6.5
6.5
2025-03-05
CVE-2024-13809
The Hero Slider - WordPress Slider Plugin plugin for WordPress is vulnerable to SQL Injection via several parameters in all versions up to, and including, 1.3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
CWE-89
6.5
6.5
2025-03-05
CVE-2025-1965
SQL Injection vulnerability in Projectworlds Online Hotel Booking 1.0
A vulnerability classified as critical has been found in projectworlds Online Hotel Booking 1.0.
network
low complexity
projectworlds
CWE-89
critical
9.8
9.8
2025-03-05
CVE-2025-1962
SQL Injection vulnerability in Projectworlds Online Hotel Booking 1.0
A vulnerability was found in projectworlds Online Hotel Booking 1.0.
network
low complexity
projectworlds
CWE-89
critical
9.8
9.8
2025-03-05
CVE-2025-1963
SQL Injection vulnerability in Projectworlds Online Hotel Booking 1.0
A vulnerability was found in projectworlds Online Hotel Booking 1.0.
network
low complexity
projectworlds
CWE-89
critical
9.8
9.8
2025-03-04
CVE-2025-1961
SQL Injection vulnerability in Mayurik Best Church Management Software 1.1
A vulnerability has been found in SourceCodester Best Church Management Software 1.1 and classified as critical.
network
low complexity
mayurik
CWE-89
7.5
7.5
2025-03-04
CVE-2024-9149
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wind Media E-Commerce Website Template allows SQL Injection.This issue affects E-Commerce Website Template: before v1.5.
network
low complexity
CWE-89
8.6
8.6
«
Previous
1
2
...
19
20
21
(current)
22
23
...
669
670
»
Next