Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-27 | CVE-2024-6372 | SQL Injection vulnerability in Angeljudesuarez Tailoring Management System 1.0 A vulnerability, which was classified as critical, was found in itsourcecode Tailoring Management System 1.0. | 9.8 |
| 2024-06-26 | CVE-2024-4228 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 200 - Exposure of Sensitive Information to an Unauthorized Actor, CWE - 522 - Insufficiently Protected Credentials vulnerability in Magarsus Consultancy SSO (Single Sign On) allows SQL Injection.This issue affects SSO (Single Sign On): from 1.0 before 1.1. | 9.8 |
| 2024-06-25 | CVE-2024-37843 | SQL Injection vulnerability in Craftcms Craft CMS Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API endpoint. | 9.8 |
| 2024-06-25 | CVE-2024-6308 | SQL Injection vulnerability in Clivedelacruz Simple Online Hotel Reservation System 1.0 A vulnerability was found in itsourcecode Simple Online Hotel Reservation System 1.0. | 9.8 |
| 2024-06-22 | CVE-2024-21514 | SQL Injection vulnerability in Opencart 3.0.3.9 This affects versions of the package opencart/opencart from 0.0.0. | 8.1 |
| 2024-06-21 | CVE-2024-6241 | SQL Injection vulnerability in Pearadmin Pear Admin Boot A vulnerability was found in Pear Admin Boot up to 2.0.2 and classified as critical. | 9.8 |
| 2024-06-21 | CVE-2024-6027 | SQL Injection vulnerability in Themify Product Filter The Themify – WooCommerce Product Filter plugin for WordPress is vulnerable to time-based SQL Injection via the ‘conditions’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |
| 2024-06-21 | CVE-2024-5756 | SQL Injection vulnerability in Icegram Express The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the db parameter in all versions up to, and including, 5.7.23 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 9.8 |
| 2024-06-21 | CVE-2024-6215 | SQL Injection vulnerability in Oretnom23 Food Ordering Management System 1.0 A vulnerability was found in SourceCodester Food Ordering Management System up to 1.0. | 8.8 |
| 2024-06-21 | CVE-2024-6216 | SQL Injection vulnerability in Oretnom23 Food Ordering Management System 1.0 A vulnerability classified as critical has been found in SourceCodester Food Ordering Management System 1.0. | 8.8 |