Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-19 | CVE-2025-0563 | SQL Injection vulnerability in Anisha Fantasy-Cricket 1.0 A vulnerability was found in code-projects Fantasy-Cricket 1.0. | 9.8 |
| 2025-01-19 | CVE-2025-0561 | SQL Injection vulnerability in Angeljudesuarez Farm Management System 1.0 A vulnerability has been found in itsourcecode Farm Management System 1.0 and classified as critical. | 9.8 |
| 2025-01-18 | CVE-2024-13184 | The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to time-based SQL Injection via the Login Attempts module in all versions up to, and including, 3.0.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |
| 2025-01-18 | CVE-2025-0308 | SQL Injection vulnerability in Ultimatemember Ultimate Member The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the search parameter in all versions up to, and including, 2.9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |
| 2025-01-17 | CVE-2025-0541 | SQL Injection vulnerability in Codezips GYM Management System 1.0 A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. | 9.8 |
| 2025-01-17 | CVE-2024-57035 | SQL Injection vulnerability in Wegia 3.2.0 WeGIA v3.2.0 is vulnerable to SQL Injection viathe nextPage parameter in /controle/control.php. | 9.8 |
| 2025-01-17 | CVE-2025-0540 | SQL Injection vulnerability in Angeljudesuarez Tailoring Management System 1.0 A vulnerability has been found in itsourcecode Tailoring Management System 1.0 and classified as critical. | 9.8 |
| 2025-01-17 | CVE-2024-57031 | SQL Injection vulnerability in Wegia WeGIA < 3.2.0 is vulnerable to SQL Injection in /funcionario/remuneracao.php via the id_funcionario parameter. | 9.8 |
| 2025-01-17 | CVE-2024-57034 | SQL Injection vulnerability in Wegia WeGIA < 3.2.0 is vulnerable to SQL Injection in query_geracao_auto.php via the query parameter. | 9.8 |
| 2025-01-17 | CVE-2025-0536 | SQL Injection vulnerability in 1000Projects Attendance Tracking Management System 1.0 A vulnerability classified as critical was found in 1000 Projects Attendance Tracking Management System 1.0. | 9.8 |