Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2024-10-16 CVE-2024-10021 SQL Injection vulnerability in Code-Projects Pharmacy Management System 1.0
A vulnerability was found in code-projects Pharmacy Management System 1.0.
network
low complexity
code-projects CWE-89
critical
 9.8
9.8
2024-10-16 CVE-2024-10022 SQL Injection vulnerability in Code-Projects Pharmacy Management System 1.0
A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.0.
network
low complexity
code-projects CWE-89
critical
 9.8
9.8
2024-10-16 CVE-2021-4450 SQL Injection vulnerability in Pickplugins Post Grid
The Post Grid plugin for WordPress is vulnerable to blind SQL Injection via post metadata in versions up to, and including, 2.1.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
pickplugins CWE-89
8.8
8.8
2024-10-15 CVE-2024-9986 SQL Injection vulnerability in Fabianros Blood Bank Management System 1.0
A vulnerability was found in code-projects Blood Bank Management System 1.0.
network
low complexity
fabianros CWE-89
critical
 9.8
9.8
2024-10-15 CVE-2024-9976 SQL Injection vulnerability in Code-Projects Pharmacy Management System 1.0
A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.0.
network
low complexity
code-projects CWE-89
critical
 9.8
9.8
2024-10-15 CVE-2024-9973 SQL Injection vulnerability in Oretnom23 Online Eyewear Shop 1.0
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2024-10-15 CVE-2024-9974 SQL Injection vulnerability in Oretnom23 Online Eyewear Shop 1.0
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0.
network
low complexity
oretnom23 CWE-89
critical
 9.8
9.8
2024-10-15 CVE-2024-9925 SQL Injection vulnerability in Taismartfactory Qplant SF 1.0
SQL injection vulnerability in TAI Smart Factory's QPLANT SF version 1.0.
network
low complexity
taismartfactory CWE-89
critical
 9.8
9.8
2024-10-15 CVE-2024-9980 SQL Injection vulnerability in Formosasoft Ee-Class
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify and delete database contents.
network
low complexity
formosasoft CWE-89
8.8
8.8
2024-10-15 CVE-2024-9982 AIM LINE Marketing Platform from Esi Technology does not properly validate a specific query parameter.
network
low complexity
CWE-89
critical
 9.8
9.8