Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-06-14 | CVE-2024-5984 | SQL Injection vulnerability in Online Book Store Project Online Book Store Project 1.0 A vulnerability was found in itsourcecode Online Bookstore 1.0. | 9.8 |
2024-06-14 | CVE-2024-5985 | SQL Injection vulnerability in Best Online News Portal Project Best Online News Portal 1.0 A vulnerability classified as critical has been found in SourceCodester Best Online News Portal 1.0. | 8.8 |
2024-06-13 | CVE-2024-5976 | SQL Injection vulnerability in Oretnom23 Employee and Visitor Gate Pass Logging System 1.0 A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. | 9.8 |
2024-06-13 | CVE-2024-29168 | SQL Injection vulnerability in Dell Secure Connect Gateway 5.18.00.20/5.22.00.18 Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal assets REST API. | 8.8 |
2024-06-13 | CVE-2024-37849 | SQL Injection vulnerability in Itsourcecode Billing System 1.0 A SQL Injection vulnerability in itsourcecode Billing System 1.0 allows a local attacker to execute arbitrary code in process.php via the username parameter. | 9.8 |
2024-06-13 | CVE-2024-3552 | SQL Injection vulnerability in Salephpscripts web Directory Free The Web Directory Free WordPress plugin before 1.7.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection with different techniques like UNION, Time-Based and Error-Based. | 9.8 |
2024-06-13 | CVE-2024-4145 | SQL Injection vulnerability in Wp-Media Search & Replace The Search & Replace WordPress plugin before 3.2.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks (such as within a multi-site network). | 7.2 |
2024-06-13 | CVE-2024-3922 | SQL Injection vulnerability in Dokan PRO Plugin 3.10.3 The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 9.8 |
2024-06-12 | CVE-2024-5898 | SQL Injection vulnerability in Angeljudesuarez Payroll Management System 1.0 A vulnerability was found in itsourcecode Payroll Management System 1.0 and classified as critical. | 9.8 |
2024-06-12 | CVE-2024-5896 | SQL Injection vulnerability in Oretnom23 Employee and Visitor Gate Pass Logging System 1.0 A vulnerability, which was classified as critical, was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. | 9.8 |