Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2024-08-21 CVE-2024-6813 SQL Injection vulnerability in Netgear Prosafe Network Management System 1.7.0.34
NETGEAR ProSAFE Network Management System getSortString SQL Injection Remote Code Execution Vulnerability.
network
low complexity
netgear CWE-89
8.8
8.8
2024-08-21 CVE-2024-6814 SQL Injection vulnerability in Netgear Prosafe Network Management System 1.7.0.34
NETGEAR ProSAFE Network Management System getFilterString SQL Injection Remote Code Execution Vulnerability.
network
low complexity
netgear CWE-89
8.8
8.8
2024-08-20 CVE-2024-42361 SQL Injection vulnerability in Apache Hertzbeat
Hertzbeat is an open source, real-time monitoring system.
network
low complexity
apache CWE-89
critical
 9.8
9.8
2024-08-20 CVE-2024-43406 SQL Injection vulnerability in Lfedge Ekuiper
LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running on resource-constraint edge devices.
network
low complexity
lfedge CWE-89
8.8
8.8
2024-08-20 CVE-2024-34458 SQL Injection vulnerability in Keyfactor Command 10.5.0/11.5.0
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in information disclosure.
network
low complexity
keyfactor CWE-89
7.5
7.5
2024-08-20 CVE-2024-42566 SQL Injection vulnerability in Arajajyothibabu School Management System
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the password parameter at login.php
network
low complexity
arajajyothibabu CWE-89
critical
 9.8
9.8
2024-08-20 CVE-2024-42567 SQL Injection vulnerability in Arajajyothibabu School Management System
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the sid parameter at /search.php?action=2.
network
low complexity
arajajyothibabu CWE-89
critical
 9.8
9.8
2024-08-20 CVE-2024-42568 SQL Injection vulnerability in Arajajyothibabu School Management System
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the transport parameter at vehicle.php.
network
low complexity
arajajyothibabu CWE-89
critical
 9.8
9.8
2024-08-20 CVE-2024-42570 SQL Injection vulnerability in Arajajyothibabu School Management System
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at admininsert.php.
network
low complexity
arajajyothibabu CWE-89
critical
 9.8
9.8
2024-08-20 CVE-2024-42572 SQL Injection vulnerability in Arajajyothibabu School Management System
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at unitmarks.php.
network
low complexity
arajajyothibabu CWE-89
critical
 9.8
9.8