Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2024-09-07 | CVE-2024-8561 | SQL Injection vulnerability in Rems PHP Crud 1.0 | A vulnerability has been found in SourceCodester PHP CRUD 1.0 and classified as critical. | 9.8 |
2024-09-07 | CVE-2024-8559 | SQL Injection vulnerability in Remyandrade Online Food Menu 1.0 | A vulnerability, which was classified as critical, has been found in SourceCodester Online Food Menu 1.0. | 7.2 |
2024-09-07 | CVE-2024-8560 | SQL Injection vulnerability in Oretnom23 Simple Invoice Generator System 1.0 | A vulnerability, which was classified as critical, was found in SourceCodester Simple Invoice Generator System 1.0. | 8.8 |
2024-09-07 | CVE-2024-8557 | SQL Injection vulnerability in Oretnom23 Food Ordering Management System 1.0 | A vulnerability classified as critical has been found in SourceCodester Food Ordering Management System 1.0. | 7.5 |
2024-09-07 | CVE-2024-7112 | SQL Injection vulnerability in Pinpoint Booking System | The Pinpoint Booking System – #1 WordPress Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the ‘schedule’ parameter in all versions up to, and including, 2.9.9.5.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 6.5 |
2024-09-06 | CVE-2023-50360 | SQL Injection vulnerability in Qnap Video Station | A SQL injection vulnerability has been reported to affect Video Station. | 8.8 |
2024-09-06 | CVE-2024-7349 | SQL Injection vulnerability in Lifterlms | The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to blind SQL Injection via the 'order' parameter in all versions up to, and including, 7.7.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.2 |
2024-09-05 | CVE-2024-8395 | SQL Injection vulnerability in Flycass | FlyCASS CASS and KCM systems did not correctly filter SQL queries, which made them vulnerable to attack by outside attackers with no authentication. | 9.8 |
2024-09-05 | CVE-2024-44727 | SQL Injection vulnerability in Angeljudesuarez Event Management System 1.0 | Sourcecodehero Event Management System 1.0 is vulnerable to SQL Injection via the parameter 'username' in /event/admin/login.php. | 9.8 |
2024-09-05 | CVE-2024-8464 | SQL Injection vulnerability in PHPgurukul JOB Portal 1.0 | SQL injection vulnerability, by which an attacker could send a specially designed query through JOBREGID parameter in /jobportal/admin/applicants/controller.php, and retrieve all the information stored in it. | 7.5 |