Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-12 | CVE-2024-7681 | SQL Injection vulnerability in College Management System Project College Management System 1.0 A vulnerability was found in code-projects College Management System 1.0. | 9.8 |
| 2024-08-12 | CVE-2024-7682 | SQL Injection vulnerability in Fabianros JOB Portal 1.0 A vulnerability was found in code-projects Job Portal 1.0. | 9.8 |
| 2024-08-08 | CVE-2024-41238 | SQL Injection vulnerability in Lopalopa Responsive School Management System 3.2.0 A SQL injection vulnerability in /smsa/student_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter. | 5.3 |
| 2024-08-08 | CVE-2024-7477 | SQL Injection vulnerability in Avaya Aura System Manager A SQL injection vulnerability was found which could allow a command line interface (CLI) user with administrative privileges to execute arbitrary queries against the Avaya Aura System Manager database. Affected versions include 10.1.x.x and 10.2.x.x. | 6.7 |
| 2024-08-08 | CVE-2024-42357 | SQL Injection vulnerability in Shopware Shopware is an open commerce platform. | 9.8 |
| 2024-08-08 | CVE-2024-7548 | SQL Injection vulnerability in Thimpress Learnpress The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the 'order' parameter in all versions up to, and including, 4.2.6.9.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 6.5 |
| 2024-08-07 | CVE-2024-41237 | SQL Injection vulnerability in Lopalopa Responsive School Management System 3.2.0 A SQL injection vulnerability in /smsa/teacher_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter. | 9.8 |
| 2024-08-07 | CVE-2024-34479 | SQL Injection vulnerability in Oretnom23 Computer Laboratory Management System 1.0 SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection. | 9.8 |
| 2024-08-07 | CVE-2024-34480 | SQL Injection vulnerability in Oretnom23 Computer Laboratory Management System 1.0 SourceCodester Computer Laboratory Management System 1.0 allows admin/category/view_category.php id SQL Injection. | 9.8 |
| 2024-08-07 | CVE-2024-42005 | SQL Injection vulnerability in Djangoproject Django An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. | 7.3 |