Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-12 | CVE-2025-1210 | SQL Injection vulnerability in Anisha Wazifa System 1.0 A vulnerability classified as critical was found in code-projects Wazifa System 1.0. | 8.8 |
| 2025-02-12 | CVE-2025-25349 | SQL Injection vulnerability in PHPgurukul Daily Expense Tracker System 1.1 PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense.php via the costitem parameter. | 9.8 |
| 2025-02-12 | CVE-2025-25351 | SQL Injection vulnerability in PHPgurukul Daily Expense Tracker System 1.1 PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense.php via the dateexpense parameter. | 9.8 |
| 2025-02-12 | CVE-2025-1202 | SQL Injection vulnerability in Mayurik Best Church Management Software 1.1 A vulnerability classified as critical has been found in SourceCodester Best Church Management Software 1.1. | 6.5 |
| 2025-02-12 | CVE-2025-1206 | SQL Injection vulnerability in Codezips GYM Management System 1.0 A vulnerability was found in Codezips Gym Management System 1.0. | 8.8 |
| 2025-02-12 | CVE-2025-1201 | SQL Injection vulnerability in Mayurik Best Church Management Software 1.1 A vulnerability was found in SourceCodester Best Church Management Software 1.1. | 6.5 |
| 2025-02-12 | CVE-2025-1199 | SQL Injection vulnerability in Mayurik Best Church Management Software 1.1 A vulnerability was found in SourceCodester Best Church Management Software 1.1. | 6.5 |
| 2025-02-12 | CVE-2024-13477 | SQL Injection vulnerability in Enituretechnology LTL Freight Quotes The LTL Freight Quotes – Unishippers Edition plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' parameter in all versions up to, and including, 2.5.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 9.8 |
| 2025-02-12 | CVE-2024-13480 | SQL Injection vulnerability in Enituretechnology LTL Freight Quotes The LTL Freight Quotes – For Customers of FedEx Freight plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' and 'dropship_edit_id' parameters in all versions up to, and including, 3.4.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |
| 2025-02-12 | CVE-2024-13532 | SQL Injection vulnerability in Enituretechnology Small Package Quotes The Small Package Quotes – Purolator Edition plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' and 'dropship_edit_id' parameters in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |