Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-30 | CVE-2024-41804 | SQL Injection vulnerability in Xibosignage Xibo Xibo is a content management system (CMS). | 6.5 |
| 2024-07-29 | CVE-2024-7196 | SQL Injection vulnerability in Oretnom23 Complaints Report Management System 1.0 A vulnerability was found in SourceCodester Complaints Report Management System 1.0. | 9.8 |
| 2024-07-28 | CVE-2024-7164 | SQL Injection vulnerability in Oretnom23 School Fees Payment System 1.0 A vulnerability has been found in SourceCodester School Fees Payment System 1.0 and classified as critical. | 9.8 |
| 2024-07-26 | CVE-2024-38871 | SQL Injection vulnerability in Zohocorp Manageengine Exchange Reporter Plus Zohocorp ManageEngine Exchange Reporter Plus versions 5717 and below are vulnerable to the authenticated SQL injection in the reports module. | 8.8 |
| 2024-07-26 | CVE-2024-38872 | SQL Injection vulnerability in Zohocorp Manageengine Exchange Reporter Plus Zohocorp ManageEngine Exchange Reporter Plus versions 5717 and below are vulnerable to the authenticated SQL injection in the monitoring module. | 8.8 |
| 2024-07-26 | CVE-2024-39304 | SQL Injection vulnerability in Churchcrm ChurchCRM is an open-source church management system. | 8.8 |
| 2024-07-25 | CVE-2024-7105 | SQL Injection vulnerability in Forip Administracao Pabx A vulnerability classified as critical has been found in ForIP Tecnologia Administração PABX 1.x. | 8.8 |
| 2024-07-25 | CVE-2024-38289 | SQL Injection vulnerability in Rhubcom Turbomeeting A boolean-based SQL injection issue in the Virtual Meeting Password (VMP) endpoint in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to extract hashed passwords from the database, and authenticate to the application, via crafted SQL input. | 9.8 |
| 2024-07-24 | CVE-2024-41551 | SQL Injection vulnerability in Campcodes Supplier Management System 1.0 CampCodes Supplier Management System v1.0 is vulnerable to SQL injection via Supply_Management_System/admin/view_order_items.php?id= . | 9.8 |
| 2024-07-22 | CVE-2024-38773 | SQL Injection vulnerability in Formlift for Infusionsoft web Forms Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms allows Blind SQL Injection.This issue affects FormLift for Infusionsoft Web Forms: from n/a through 7.5.17. | 9.8 |