Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-02 | CVE-2024-43773 | SQL Injection vulnerability in Easytest Online Test Platform. SQL Injection in download class learning course function of Easytest Online Test Platform ver.24E01 and earlier allows remote attackers to execute arbitrary SQL commands via the cstr parameter. | 9.8 |
2024-09-02 | CVE-2024-43774 | SQL Injection vulnerability in Easytest Online Test Platform. SQL Injection in download personal learning course function of Easytest Online Test Platform ver.24E01 and earlier allows remote authenticated users to execute arbitrary SQL commands via the uid parameter. | 8.8 |
2024-09-02 | CVE-2024-43775 | SQL Injection vulnerability in Easytest Online Test Platform. SQL Injection in search course titles function of Easytest Online Test Platform ver.24E01 and earlier allows remote authenticated users to execute arbitrary SQL commands via the search parameter. | 8.8 |
2024-09-02 | CVE-2024-43776 | SQL Injection vulnerability in Easytest Online Test Platform. SQL Injection in mock exam function of Easytest Online Test Platform ver.24E01 and earlier allows remote authenticated users to execute arbitrary SQL commands via the qlevel parameter. | 8.8 |
2024-09-02 | CVE-2024-7871 | SQL Injection vulnerability in Easytest Online Test Platform Project Easytest Online Test Platform. SQL Injection in online dictionary function of Easytest Online Test Platform ver.24E01 and earlier allows remote authenticated users to execute arbitrary SQL commands via the word parameter. | 8.8 |
2024-09-01 | CVE-2024-8368 | SQL Injection vulnerability in Fabianros Hospital Management System 1.0. A vulnerability was found in code-projects Hospital Management System 1.0. | 9.8 |
2024-08-31 | CVE-2024-7717 | SQL Injection vulnerability in Thimpress WP Events Manager. The WP Events Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter in all versions up to, and including, 2.1.11 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. | 8.8 |
2024-08-30 | CVE-2024-8347 | SQL Injection vulnerability in Oretnom23 Computer Laboratory Management System 1.0. A vulnerability classified as critical was found in SourceCodester Computer Laboratory Management System 1.0. | 9.8 |
2024-08-30 | CVE-2024-8348 | SQL Injection vulnerability in Oretnom23 Computer Laboratory Management System 1.0. A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. | 9.8 |
2024-08-30 | CVE-2024-8346 | SQL Injection vulnerability in Oretnom23 Computer Laboratory Management System 1.0. A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. | 9.8 |