Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2024-10-22 CVE-2024-44812 SQL Injection vulnerability in Janobe Online Complaint Site 1.0
SQL Injection vulnerability in Online Complaint Site v.1.0 allows a remote attacker to escalate privileges via the username and password parameters in the /admin.index.php component.
network
low complexity
janobe CWE-89
critical
9.8
2024-10-22 CVE-2024-48657 SQL Injection vulnerability in Princelycesar Hospital Management System 1.0
SQL Injection vulnerability in hospital management system in php with source code v.1.0.0 allows a remote attacker to execute arbitrary code.
network
low complexity
princelycesar CWE-89
7.2
2024-10-22 CVE-2024-46902 SQL Injection vulnerability in Trendmicro Deep Discovery Inspector 6.6/6.7
A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on the target system in order to exploit this vulnerability.
network
low complexity
trendmicro CWE-89
critical
9.1
2024-10-22 CVE-2024-48570 SQL Injection vulnerability in PHPgurukul Client Management System 1.0
Client Management System 1.0 was discovered to contain a SQL injection vulnerability via the Between Dates Reports parameter at /admin/bwdates-reports-ds.php.
network
low complexity
phpgurukul CWE-89
7.5
2024-10-22 CVE-2024-9987 SQL Injection vulnerability in Pandorafms Pandora FMS 742/746
A post-authentication SQL Injection vulnerability within the filters parameter of the extensions/agents_modules_csv functionality. This issue affects Pandora FMS: from 700 through <777.3.
network
low complexity
pandorafms CWE-89
8.8
2024-10-21 CVE-2024-30157 SQL Injection vulnerability in Mitel Micollab
A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input.
network
low complexity
mitel CWE-89
7.2
2024-10-21 CVE-2024-30158 SQL Injection vulnerability in Mitel Micollab
A vulnerability in the web conferencing component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input.
network
low complexity
mitel CWE-89
7.2
2024-10-21 CVE-2024-48509 SQL Injection vulnerability in Lang-Learn-Guy Learning With Texts 2.0.3
Learning with Texts (LWT) 2.0.3 is vulnerable to SQL Injection.
network
low complexity
lang-learn-guy CWE-89
critical
9.8
2024-10-21 CVE-2024-47328 SQL Injection vulnerability in Funnelkit Automations
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FunnelKit Automation By Autonami allows SQL Injection. This issue affects Automation By Autonami: from n/a through 3.1.2.
network
low complexity
funnelkit CWE-89
7.2
2024-10-21 CVE-2024-8625 SQL Injection vulnerability in Total-Soft TS Poll
The TS Poll WordPress plugin before 2.4.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks.
network
low complexity
total-soft CWE-89
7.2