Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-30 | CVE-2022-44137 | SQL Injection vulnerability in Sanitization Management System Project Sanitization Management System 1.0 SourceCodester Sanitization Management System 1.0 is vulnerable to SQL Injection. | 7.2 |
| 2022-12-28 | CVE-2017-20150 | SQL Injection vulnerability in Challenge Website Project Challenge Website A vulnerability was found in challenge website. | 8.8 |
| 2022-12-27 | CVE-2022-46442 | SQL Injection vulnerability in Dedecms dedecms <=V5.7.102 is vulnerable to SQL Injection. | 9.8 |
| 2022-12-27 | CVE-2022-4726 | SQL Injection vulnerability in Sanitization Management System Project Sanitization Management System 1.0 A vulnerability classified as critical was found in SourceCodester Sanitization Management System 1.0. | 9.8 |
| 2022-12-27 | CVE-2022-46763 | SQL Injection vulnerability in Trueconf Server 4.3.7.12219/4.3.7.12255/5.2.0.10225 A SQL injection issue in a database stored function in TrueConf Server 5.2.0.10225 allows a low-privileged database user to execute arbitrary SQL commands as the database administrator, resulting in execution of arbitrary code. | 8.8 |
| 2022-12-27 | CVE-2022-46764 | SQL Injection vulnerability in Trueconf Server 4.3.7.12219/4.3.7.12255/5.2.0.10225 A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution. | 9.8 |
| 2022-12-26 | CVE-2020-24600 | SQL Injection vulnerability in Capexweb Project Capexweb 1.1 Shilpi CAPExWeb 1.1 allows SQL injection via a servlet/capexweb.cap_sendMail GET request. | 9.8 |
| 2022-12-26 | CVE-2022-4151 | SQL Injection vulnerability in Contest-Gallery Contest Gallery The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the option_id GET parameter before concatenating it to an SQL query in export-images-data.php. | 6.5 |
| 2022-12-26 | CVE-2022-4161 | SQL Injection vulnerability in Contest-Gallery Contest Gallery The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_copy_start POST parameter before concatenating it to an SQL query in copy-gallery-images.php. | 6.5 |
| 2022-12-25 | CVE-2022-44015 | SQL Injection vulnerability in Simmeth Lieferantenmanager An issue was discovered in Simmeth Lieferantenmanager before 5.6. | 9.8 |