Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-05-18 CVE-2022-30599 SQL Injection vulnerability in multiple products
A flaw was found in Moodle where an SQL injection risk was identified in Badges code relating to configuring criteria.
network
low complexity
moodle redhat fedoraproject CWE-89
critical
9.8
2022-05-17 CVE-2022-24391 SQL Injection vulnerability in Fidelissecurity Deception and Network
Vulnerability in Fidelis Network and Deception CommandPost enables SQL injection through the web interface by an attacker with user level access.
network
low complexity
fidelissecurity CWE-89
8.8
2022-05-17 CVE-2022-30052 SQL Injection vulnerability in Home Clean Service System Project Home Clean Service System 1.0
In Home Clean Service System 1.0, the password parameter is vulnerable to SQL injection attacks.
network
low complexity
home-clean-service-system-project CWE-89
critical
9.8
2022-05-17 CVE-2022-30053 SQL Injection vulnerability in Oretnom23 Toll TAX Management System 1.0
In Toll Tax Management System 1.0, the id parameter appears to be vulnerable to SQL injection attacks.
network
low complexity
oretnom23 CWE-89
critical
9.8
2022-05-17 CVE-2022-30054 SQL Injection vulnerability in Covid 19 Travel Pass Management Project Covid 19 Travel Pass Management 1.0
In Covid 19 Travel Pass Management 1.0, the code parameter is vulnerable to SQL injection attacks.
network
low complexity
covid-19-travel-pass-management-project CWE-89
critical
9.8
2022-05-16 CVE-2022-1731 SQL Injection vulnerability in Allgeier Metasonic DOC Webclient 7.0.12.0/7.0.14.0/7.0.3.0
Metasonic Doc WebClient 7.0.14.0 / 7.0.12.0 / 7.0.3.0 is vulnerable to a SQL injection attack in the username field.
network
low complexity
allgeier CWE-89
critical
9.8
2022-05-16 CVE-2022-30011 SQL Injection vulnerability in Hospital Management System Project Hospital Management System 1.0
In HMS 1.0 when requesting appointment.php through POST, multiple parameters can lead to a SQL injection vulnerability.
network
low complexity
hospital-management-system-project CWE-89
critical
9.8
2022-05-16 CVE-2022-30012 SQL Injection vulnerability in Hospital Management System Project Hospital Management System 1.0
In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection.
7.5
2022-05-16 CVE-2022-30765 SQL Injection vulnerability in Janeczku Calibre-Web 0.6.18
Calibre-Web before 0.6.18 allows user table SQL Injection.
network
low complexity
janeczku CWE-89
critical
9.8
2022-05-15 CVE-2022-28930 SQL Injection vulnerability in Erp-Pro Project Erp-Pro 3.7.5
ERP-Pro v3.7.5 was discovered to contain a SQL injection vulnerability via the component /base/SysEveMenuAuthPointMapper.xml.
network
low complexity
erp-pro-project CWE-89
critical
9.8