Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-25 | CVE-2022-45889 | SQL Injection vulnerability in Planetestream Planet Estream Planet eStream before 6.72.10.07 allows a remote attacker (who is a publisher or admin) to obtain access to all records stored in the database, and achieve the ability to execute arbitrary SQL commands, via Search (the StatisticsResults.aspx flt parameter). | 7.2 |
| 2022-12-24 | CVE-2022-43860 | SQL Injection vulnerability in IBM I 7.3/7.4/7.5 IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information they are authorized to but not while using this interface. | 4.3 |
| 2022-12-22 | CVE-2022-43859 | SQL Injection vulnerability in IBM I 7.3/7.4/7.5 IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information for an object they are authorized to but not while using this interface. | 4.3 |
| 2022-12-22 | CVE-2022-1887 | SQL Injection vulnerability in Mozilla Firefox The search term could have been specified externally to trigger SQL injection. | 9.8 |
| 2022-12-19 | CVE-2022-45041 | SQL Injection vulnerability in Rockoa Xinhu SQL Injection exits in xinhu < 2.5.0 | 7.5 |
| 2022-12-19 | CVE-2021-4261 | SQL Injection vulnerability in Pacman-Canvas Project Pacman-Canvas A vulnerability classified as critical has been found in pacman-canvas up to 1.0.5. | 9.8 |
| 2022-12-19 | CVE-2021-4262 | SQL Injection vulnerability in Laravel Jqgrid Project Laravel Jqgrid A vulnerability classified as critical was found in laravel-jqgrid. | 9.8 |
| 2022-12-19 | CVE-2016-20018 | SQL Injection vulnerability in Knexjs Knex Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query. | 7.5 |
| 2022-12-19 | CVE-2022-4427 | SQL Injection vulnerability in Otrs Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition allows SQL Injection via TicketSearch Webservice This issue affects OTRS: from 7.0.1 before 7.0.40 Patch 1, from 8.0.1 before 8.0.28 Patch 1; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34. | 9.8 |
| 2022-12-18 | CVE-2022-4592 | SQL Injection vulnerability in Crmx Project Crmx A vulnerability was found in luckyshot CRMx and classified as critical. | 9.8 |