Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-04 | CVE-2025-1321 | SQL Injection vulnerability in Mtrv Teachpress The teachPress plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the 'tpsearch' shortcode in all versions up to, and including, 9.0.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 8.8 |
| 2025-03-03 | CVE-2024-51962 | SQL Injection vulnerability in Esri Arcgis Server 10.9.1/11.1 A SQL injection vulnerability in ArcGIS Server allows an EDIT operation to modify Column properties allowing for the execution of a SQL Injection by a remote authenticated user with elevated (non admin) privileges. There is a high impact to integrity and confidentiality and no impact to availability. | 9.6 |
| 2025-03-03 | CVE-2025-26988 | SQL Injection vulnerability in Cozyvision SMS Alert Order Notifications Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision SMS Alert Order Notifications – WooCommerce allows SQL Injection. | 7.5 |
| 2025-03-03 | CVE-2025-1869 | SQL Injection vulnerability in Mayurik Best Online News Portal 1.0 SQL injection vulnerability have been found in 101news affecting version 1.0 through the "username" parameter in admin/check_avalability.php. | 9.8 |
| 2025-03-03 | CVE-2025-1870 | SQL Injection vulnerability in Mayurik Best Online News Portal 1.0 SQL injection vulnerability have been found in 101news affecting version 1.0 through the "pagedescription" parameter in admin/aboutus.php. | 9.8 |
| 2025-03-03 | CVE-2025-1871 | SQL Injection vulnerability in Mayurik Best Online News Portal 1.0 SQL injection vulnerability have been found in 101news affecting version 1.0 through the "category" and "subcategory" parameters in admin/add-subcategory.php. | 9.8 |
| 2025-03-03 | CVE-2025-1872 | SQL Injection vulnerability in Mayurik Best Online News Portal 1.0 SQL injection vulnerability have been found in 101news affecting version 1.0 through the "sadminusername" parameter in admin/add-subadmins.php. | 9.8 |
| 2025-03-03 | CVE-2025-1873 | SQL Injection vulnerability in Mayurik Best Online News Portal 1.0 SQL injection vulnerability have been found in 101news affecting version 1.0 through the "pagetitle" and "pagedescription" parameters in admin/contactus.php. | 9.8 |
| 2025-03-03 | CVE-2025-1874 | SQL Injection vulnerability in Mayurik Best Online News Portal 1.0 SQL injection vulnerability have been found in 101news affecting version 1.0 through the "description" parameter in admin/add-category.php. | 9.8 |
| 2025-03-03 | CVE-2025-1875 | SQL Injection vulnerability in Mayurik Best Online News Portal 1.0 SQL injection vulnerability have been found in 101news affecting version 1.0 through the "searchtitle" parameter in search.php. | 9.8 |