Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-10 | CVE-2022-1453 | SQL Injection vulnerability in Carrcommunications Rsvpmaker The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-util.php file. | 7.5 |
| 2022-05-10 | CVE-2022-1505 | SQL Injection vulnerability in Carrcommunications Rsvpmaker The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing SQL escaping and parameterization on user supplied data passed to a SQL query in the rsvpmaker-api-endpoints.php file. | 7.5 |
| 2022-05-10 | CVE-2021-43010 | SQL Injection vulnerability in Safedog Apache 4.0.30255 In Safedog Apache v4.0.30255, attackers can bypass this product for SQL injection. | 7.5 |
| 2022-05-10 | CVE-2021-43094 | SQL Injection vulnerability in Openmrs An SQL Injection vulnerability exists in OpenMRS Reference Application Standalone Edition <=2.11 and Platform Standalone Edition <=2.4.0 via GET requests on arbitrary parameters in patient.page. | 9.8 |
| 2022-05-10 | CVE-2022-28110 | SQL Injection vulnerability in Hotel Management System Project Hotel Management System 1.0 Hotel Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at the login page. | 9.8 |
| 2022-05-09 | CVE-2022-30335 | SQL Injection vulnerability in Wealth Bonanza Wealth Management System 7.3.2 Bonanza Wealth Management System (BWM) 7.3.2 allows SQL injection via the login form. | 9.8 |
| 2022-05-09 | CVE-2022-27412 | SQL Injection vulnerability in Exploreit Explore CMS 1.0 Explore CMS v1.0 was discovered to contain a SQL injection vulnerability via a /page.php?id= request. | 9.8 |
| 2022-05-09 | CVE-2022-0814 | SQL Injection vulnerability in Ubigeo DE Peru Para Woocommerce Project Ubigeo DE Peru Para Woocommerce The Ubigeo de Perú para Woocommerce WordPress plugin before 3.6.4 does not properly sanitise and escape some parameters before using them in SQL statements via various AJAX actions, some of which are available to unauthenticated users, leading to SQL Injections | 9.8 |
| 2022-05-06 | CVE-2022-28163 | SQL Injection vulnerability in Broadcom Sannav 2.1.0/2.1.1/2.1.1.8 In Brocade SANnav before Brocade SANnav 2.2.0, multiple endpoints associated with Zone management are susceptible to SQL injection, allowing an attacker to run arbitrary SQL commands. | 9.8 |
| 2022-05-06 | CVE-2020-19212 | SQL Injection vulnerability in Piwigo 2.9.5 SQL Injection vulnerability in admin/group_list.php in piwigo v2.9.5, via the group parameter to delete. | 4.9 |