Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-05 | CVE-2024-49773 | SQL Injection vulnerability in Salesagility Suitecrm SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. | 6.5 |
| 2024-11-05 | CVE-2024-50332 | SQL Injection vulnerability in Salesagility Suitecrm SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. | 8.8 |
| 2024-11-05 | CVE-2023-29118 | SQL Injection vulnerability in Enelx Waybox PRO Firmware Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/versions.php. | 8.8 |
| 2024-11-05 | CVE-2023-29119 | SQL Injection vulnerability in Enelx Waybox PRO Firmware Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/dbstore.php. | 8.8 |
| 2024-11-05 | CVE-2024-10844 | SQL Injection vulnerability in Bookstore Management System Project Bookstore Management System 1.0 A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore Management System 1.0. | 9.8 |
| 2024-11-05 | CVE-2024-10845 | SQL Injection vulnerability in Bookstore Management System Project Bookstore Management System 1.0 A vulnerability has been found in 1000 Projects Bookstore Management System 1.0 and classified as critical. | 9.8 |
| 2024-11-05 | CVE-2024-10841 | SQL Injection vulnerability in Romadebrian Web-Sekolah 1.0 A vulnerability classified as critical was found in romadebrian WEB-Sekolah 1.0. | 8.0 |
| 2024-11-05 | CVE-2024-10687 | SQL Injection vulnerability in Contest-Gallery Contest Gallery The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons plugin for WordPress is vulnerable to time-based SQL Injection via the $collectedIds parameter in all versions up to, and including, 24.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 9.8 |
| 2024-11-05 | CVE-2024-9459 | SQL Injection vulnerability in Zohocorp Manageengine Exchange Reporter Plus Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module. | 8.8 |
| 2024-11-05 | CVE-2024-10808 | SQL Injection vulnerability in Anisha E-Health Care System 1.0 A vulnerability has been found in code-projects E-Health Care System 1.0 and classified as critical. | 7.5 |