Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-21 | CVE-2024-42784 | SQL Injection vulnerability in Lopalopa Music Management System 1.0: A SQL injection vulnerability in "/music/controller.php?page=view_music" in Kashipara Music Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "id" parameter. | 9.8 |
2024-08-21 | CVE-2024-42785 | SQL Injection vulnerability in Lopalopa Music Management System 1.0: A SQL injection vulnerability in /music/index.php?page=view_playlist in Kashipara Music Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "id" parameter. | 8.8 |
2024-08-21 | CVE-2024-42786 | SQL Injection vulnerability in Lopalopa Music Management System 1.0: A SQL injection vulnerability in "/music/view_user.php" in Kashipara Music Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "id" parameter of View User Profile Page. | 8.8 |
2024-08-21 | CVE-2024-6813 | SQL Injection vulnerability in Netgear Prosafe Network Management System 1.7.0.34: NETGEAR ProSAFE Network Management System getSortString SQL Injection Remote Code Execution Vulnerability. | 8.8 |
2024-08-21 | CVE-2024-6814 | SQL Injection vulnerability in Netgear Prosafe Network Management System 1.7.0.34: NETGEAR ProSAFE Network Management System getFilterString SQL Injection Remote Code Execution Vulnerability. | 8.8 |
2024-08-21 | CVE-2024-7651 | SQL Injection vulnerability in Appcheap APP Builder: The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to limited SQL Injection via the ‘app-builder-search’ parameter in all versions up to, and including, 4.2.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |
2024-08-21 | CVE-2024-7854 | SQL Injection vulnerability in Sjhoo WOO Inquiry 0.1: The Woo Inquiry plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 0.1 due to insufficient escaping on the user supplied parameter 'dbid' and lack of sufficient preparation on the existing SQL query. | 9.8 |
2024-08-20 | CVE-2024-42361 | SQL Injection vulnerability in Apache Hertzbeat: Hertzbeat is an open source, real-time monitoring system. | 9.8 |
2024-08-20 | CVE-2024-43406 | SQL Injection vulnerability in Lfedge Ekuiper: LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running on resource-constraint edge devices. | 8.8 |
2024-08-20 | CVE-2024-34458 | SQL Injection vulnerability in Keyfactor Command 10.5.0/11.5.0: Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in information disclosure. | 7.5 |