VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-12-19
CVE-2024-12791
SQL Injection vulnerability in Codezips E-Commerce Site 1.0
A vulnerability was found in Codezips E-Commerce Site 1.0.
network
low complexity
codezips
CWE-89
critical
9.8
9.8
2024-12-19
CVE-2024-12792
SQL Injection vulnerability in Codezips E-Commerce Site 1.0
A vulnerability classified as critical was found in Codezips E-Commerce Site 1.0.
network
low complexity
codezips
CWE-89
critical
9.8
9.8
2024-12-19
CVE-2024-12794
SQL Injection vulnerability in Codezips E-Commerce Site 1.0
A vulnerability, which was classified as critical, was found in Codezips E-Commerce Site 1.0.
network
low complexity
codezips
CWE-89
critical
9.8
9.8
2024-12-19
CVE-2024-12788
SQL Injection vulnerability in Codezips Technical Discussion Forum 1.0
A vulnerability was found in Codezips Technical Discussion Forum 1.0 and classified as critical.
network
low complexity
codezips
CWE-89
critical
9.8
9.8
2024-12-19
CVE-2024-12787
SQL Injection vulnerability in 1000Projects Attendance Tracking Management System 1.0
A vulnerability has been found in 1000 Projects Attendance Tracking Management System 1.0 and classified as critical.
network
low complexity
1000projects
CWE-89
critical
9.8
9.8
2024-12-19
CVE-2024-10244
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ISDO Software Web Software allows SQL Injection.This issue affects Web Software: before 3.6.
network
low complexity
CWE-89
critical
9.8
9.8
2024-12-18
CVE-2024-11912
The Travel Booking WordPress Theme theme for WordPress is vulnerable to blind time-based SQL Injection via the ‘order_id’ parameter in all versions up to, and including, 3.1.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
CWE-89
7.5
7.5
2024-12-18
CVE-2024-12025
The Collapsing Categories plugin for WordPress is vulnerable to SQL Injection via the 'taxonomy' parameter of the /wp-json/collapsing-categories/v1/get REST API in all versions up to, and including, 3.0.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
CWE-89
7.5
7.5
2024-12-17
CVE-2024-8972
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mobil365 Informatics Saha365 App allows SQL Injection.This issue affects Saha365 App: before 30.09.2024.
network
low complexity
CWE-89
critical
9.8
9.8
2024-12-14
CVE-2024-31892
IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 could allow a user to perform unauthorized actions after intercepting and modifying a csv file due to improper neutralization of formula elements.
network
high complexity
CWE-89
7.5
7.5
«
Previous
1
2
...
4
5
6
(current)
7
8
...
619
620
»
Next