Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2025-02-12 CVE-2025-1183 SQL Injection vulnerability in Codezips GYM Management System 1.0
A vulnerability has been found in CodeZips Gym Management System 1.0 and classified as critical.
network
low complexity
codezips CWE-89
critical
 9.8
9.8
2025-02-11 CVE-2025-1173 SQL Injection vulnerability in 1000Projects Bookstore Management System 1.0
A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore Management System 1.0.
network
low complexity
1000projects CWE-89
7.2
7.2
2025-02-11 CVE-2025-1172 SQL Injection vulnerability in 1000Projects Bookstore Management System 1.0
A vulnerability, which was classified as critical, has been found in 1000 Projects Bookstore Management System 1.0.
network
low complexity
1000projects CWE-89
8.8
8.8
2025-02-03 CVE-2025-24901 SQL Injection vulnerability in Wegia
WeGIA is a Web Manager for Charitable Institutions.
network
low complexity
wegia CWE-89
8.8
8.8
2025-02-03 CVE-2025-24902 SQL Injection vulnerability in Wegia
WeGIA is a Web Manager for Charitable Institutions.
network
low complexity
wegia CWE-89
8.8
8.8
2025-02-03 CVE-2025-24905 SQL Injection vulnerability in Wegia
WeGIA is a Web Manager for Charitable Institutions.
network
low complexity
wegia CWE-89
critical
 9.8
9.8
2025-02-03 CVE-2025-24906 SQL Injection vulnerability in Wegia
WeGIA is a Web Manager for Charitable Institutions.
network
low complexity
wegia CWE-89
critical
 9.8
9.8
2025-02-03 CVE-2025-24957 SQL Injection vulnerability in Wegia
WeGIA is a Web Manager for Charitable Institutions.
network
low complexity
wegia CWE-89
critical
 9.8
9.8
2025-02-03 CVE-2025-24958 SQL Injection vulnerability in Wegia
WeGIA is a Web Manager for Charitable Institutions.
network
low complexity
wegia CWE-89
8.8
8.8
2025-02-03 CVE-2025-25181 SQL Injection vulnerability in Advantive Veracore
A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmSess1 parameter.
network
low complexity
advantive CWE-89
7.5
7.5