Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2024-08-20 CVE-2024-42573 SQL Injection vulnerability in Arajajyothibabu School Management System
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at dtmarks.php.
network
low complexity
arajajyothibabu CWE-89
critical
 9.8
9.8
2024-08-20 CVE-2024-42574 SQL Injection vulnerability in Arajajyothibabu School Management System
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at attendance.php.
network
low complexity
arajajyothibabu CWE-89
critical
 9.8
9.8
2024-08-20 CVE-2024-42575 SQL Injection vulnerability in Arajajyothibabu School Management System
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at substaff.php.
network
low complexity
arajajyothibabu CWE-89
critical
 9.8
9.8
2024-08-20 CVE-2024-7702 SQL Injection vulnerability in Bitapps Contact Form Builder
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to generic SQL Injection via the entryID parameter in versions 2.0 to 2.13.9 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
bitapps CWE-89
7.2
7.2
2024-08-20 CVE-2024-7780 SQL Injection vulnerability in Bitapps Contact Form Builder
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to generic SQL Injection via the id parameter in versions 2.0 to 2.13.9 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
bitapps CWE-89
7.2
7.2
2024-08-20 CVE-2024-7946 SQL Injection vulnerability in Adonesevangelista Online Blood Bank Management System 1.0
A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0.
network
low complexity
adonesevangelista CWE-89
critical
 9.8
9.8
2024-08-20 CVE-2024-7947 SQL Injection vulnerability in Janobe Point of Sales and Inventory Management System 1.0
A vulnerability classified as critical has been found in SourceCodester Point of Sales and Inventory Management System 1.0.
network
low complexity
janobe CWE-89
critical
 9.8
9.8
2024-08-20 CVE-2024-7949 SQL Injection vulnerability in Tamparongj 03 Online Graduate Tracer System 1.0
A vulnerability, which was classified as critical, was found in SourceCodester Online Graduate Tracer System up to 1.0.
network
low complexity
tamparongj-03 CWE-89
8.8
8.8
2024-08-19 CVE-2024-7933 SQL Injection vulnerability in Project Expense Monitoring System Project Expense Monitoring System 1.0
A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0.
network
low complexity
project-expense-monitoring-system-project CWE-89
critical
 9.8
9.8
2024-08-19 CVE-2024-7934 SQL Injection vulnerability in Project Expense Monitoring System Project Expense Monitoring System 1.0
A vulnerability was found in itsourcecode Project Expense Monitoring System 1.0.
network
low complexity
project-expense-monitoring-system-project CWE-89
critical
 9.8
9.8