Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-17 | CVE-2024-43978 | SQL Injection vulnerability in Superstorefinder Super Store Finder Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder allows SQL Injection.This issue affects Super Store Finder: from n/a before 6.9.8. | 9.8 |
| 2024-09-17 | CVE-2024-44004 | SQL Injection vulnerability in Wptaskforce Track & Trace Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPTaskForce WPCargo Track & Trace allows SQL Injection.This issue affects WPCargo Track & Trace: from n/a through 7.0.6. | 9.8 |
| 2024-09-17 | CVE-2024-8944 | SQL Injection vulnerability in Fabianros Hospital Management System 1.0 A vulnerability, which was classified as critical, was found in code-projects Hospital Management System 1.0. | 9.8 |
| 2024-09-17 | CVE-2024-8945 | SQL Injection vulnerability in Fairsketch Rise Ultimate Project Manager 3.7.0 A vulnerability has been found in CodeCanyon RISE Ultimate Project Manager 3.7.0 and classified as critical. | 8.8 |
| 2024-09-16 | CVE-2024-6401 | SQL Injection vulnerability in SFS Insuree GL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SFS Consulting InsureE GL allows SQL Injection.This issue affects InsureE GL: before 4.6.2. | 9.8 |
| 2024-09-15 | CVE-2024-8868 | SQL Injection vulnerability in Code-Projects Crud Operation System 1.0 A vulnerability was found in code-projects Crud Operation System 1.0. | 9.8 |
| 2024-09-14 | CVE-2024-8669 | SQL Injection vulnerability in Softaculous Backuply The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to SQL Injection via the 'options' parameter passed to the backuply_wp_clone_sql() function in all versions up to, and including, 1.3.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.2 |
| 2024-09-13 | CVE-2024-44430 | SQL Injection vulnerability in Mayurik Best Free LAW Office Management 1.0 SQL Injection vulnerability in Best Free Law Office Management Software-v1.0 allows an attacker to execute arbitrary code and obtain sensitive information via a crafted payload to the kortex_lite/control/register_case.php interface | 9.8 |
| 2024-09-13 | CVE-2024-8784 | SQL Injection vulnerability in Qdocs Smart School 7.0.0 A vulnerability classified as critical was found in QDocs Smart School Management System 7.0.0. | 8.8 |
| 2024-09-13 | CVE-2024-6723 | SQL Injection vulnerability in Meowapps AI Engine The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing chatbot discussions. | 4.7 |