Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-06 | CVE-2023-50360 | SQL Injection vulnerability in Qnap Video Station A SQL injection vulnerability has been reported to affect Video Station. | 8.8 |
| 2024-09-06 | CVE-2024-7349 | SQL Injection vulnerability in Lifterlms The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to blind SQL Injection via the 'order' parameter in all versions up to, and including, 7.7.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.2 |
| 2024-09-05 | CVE-2024-8395 | SQL Injection vulnerability in Flycass FlyCASS CASS and KCM systems did not correctly filter SQL queries, which made them vulnerable to attack by outside attackers with no authentication. | 9.8 |
| 2024-09-05 | CVE-2024-44727 | SQL Injection vulnerability in Angeljudesuarez Event Management System 1.0 Sourcecodehero Event Management System1.0 is vulnerable to SQL Injection via the parameter 'username' in /event/admin/login.php. | 9.8 |
| 2024-09-05 | CVE-2024-8464 | SQL Injection vulnerability in PHPgurukul JOB Portal 1.0 SQL injection vulnerability, by which an attacker could send a specially designed query through JOBREGID parameter in /jobportal/admin/applicants/controller.php, and retrieve all the information stored in it. | 7.5 |
| 2024-09-05 | CVE-2024-8465 | SQL Injection vulnerability in PHPgurukul JOB Portal 1.0 SQL injection vulnerability, by which an attacker could send a specially designed query through user_id parameter in /jobportal/admin/user/controller.php, and retrieve all the information stored in it. | 7.5 |
| 2024-09-05 | CVE-2024-8466 | SQL Injection vulnerability in PHPgurukul JOB Portal 1.0 SQL injection vulnerability, by which an attacker could send a specially designed query through CATEGORY parameter in /jobportal/admin/category/controller.php, and retrieve all the information stored in it. | 7.5 |
| 2024-09-05 | CVE-2024-8467 | SQL Injection vulnerability in PHPgurukul JOB Portal 1.0 SQL injection vulnerability, by which an attacker could send a specially designed query through id parameter in /jobportal/admin/category/index.php, and retrieve all the information stored in it. | 7.5 |
| 2024-09-05 | CVE-2024-8468 | SQL Injection vulnerability in PHPgurukul JOB Portal 1.0 SQL injection vulnerability, by which an attacker could send a specially designed query through search parameter in /jobportal/index.php, and retrieve all the information stored in it. | 7.5 |
| 2024-09-05 | CVE-2024-8469 | SQL Injection vulnerability in PHPgurukul JOB Portal 1.0 SQL injection vulnerability, by which an attacker could send a specially designed query through id parameter in /jobportal/admin/employee/index.php, and retrieve all the information stored in it. | 7.5 |