Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE | CVE | VULNERABILITY TITLE | RISK

2024-09-25 | CVE-2024-8621 | SQL Injection vulnerability in Mmrs151 Daily Prayer Time
The Daily Prayer Time plugin for WordPress is vulnerable to SQL Injection via the 'max_word' attribute of the 'quran_verse' shortcode in all versions up to, and including, 2024.08.26 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network | low complexity | mmrs151 | CWE-89
Risk: 6.5

2024-09-25 | CVE-2024-8436
The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to SQL Injection via the 'edit_imageId' and 'edit_imageDelete' parameters in all versions up to, and including, 4.8.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network | low complexity | CWE-89
Risk: critical 9.9

2024-09-25 | CVE-2024-8877 | SQL Injection vulnerability in Riello-Ups Netman 204 Firmware 02.05
Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204.
network | low complexity | riello-ups | CWE-89
Risk: critical 9.8

2024-09-24 | CVE-2024-8624 | SQL Injection vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter
The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to SQL Injection via the 'meta_key' attribute of the 'mdf_select_title' shortcode in all versions up to, and including, 1.3.3.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network | low complexity | pluginus | CWE-89
Risk: critical 9.9

2024-09-23 | CVE-2024-9094 | SQL Injection vulnerability in Code-Projects Blood Bank System 1.0
A vulnerability classified as critical was found in code-projects Blood Bank System 1.0.
network | low complexity | code-projects | CWE-89
Risk: critical 9.8

2024-09-23 | CVE-2024-9093 | SQL Injection vulnerability in Rems Profile Registration Without Reload/Refresh 1.0
A vulnerability classified as critical has been found in SourceCodester Profile Registration without Reload Refresh 1.0.
network | low complexity | rems | CWE-89
Risk: 7.2

2024-09-23 | CVE-2024-9090 | SQL Injection vulnerability in Mayurik Modern Loan Management System 1.0
A vulnerability was found in SourceCodester Modern Loan Management System 1.0.
network | low complexity | mayurik | CWE-89
Risk: critical 9.8

2024-09-23 | CVE-2024-9091 | SQL Injection vulnerability in Code-Projects Student Record System 1.0
A vulnerability was found in code-projects Student Record System 1.0.
network | low complexity | code-projects | CWE-89
Risk: critical 9.8

2024-09-22 | CVE-2024-9087 | SQL Injection vulnerability in Vehicle Management Project Vehicle Management 1.0
A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1.0.
network | low complexity | vehicle-management-project | CWE-89
Risk: critical 9.8

2024-09-22 | CVE-2024-9086 | SQL Injection vulnerability in Code-Projects Restaurant Reservation System 1.0
A vulnerability classified as critical has been found in code-projects Restaurant Reservation System 1.0.
network | low complexity | code-projects | CWE-89
Risk: critical 9.8