Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-21 | CVE-2024-6953 | SQL Injection vulnerability in Angeljudesuarez Tailoring Management System 1.0 A vulnerability was found in itsourcecode Tailoring Management System 1.0 and classified as critical. | 9.8 |
| 2024-07-19 | CVE-2024-6904 | SQL Injection vulnerability in Jkev Record Management System 1.0 A vulnerability, which was classified as critical, was found in SourceCodester Record Management System 1.0. | 8.8 |
| 2024-07-19 | CVE-2024-6205 | SQL Injection vulnerability in Payplus Payment Gateway The PayPlus Payment Gateway WordPress plugin before 6.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement via a WooCommerce API route available to unauthenticated users, leading to an SQL injection vulnerability. | 9.8 |
| 2024-07-18 | CVE-2024-39907 | SQL Injection vulnerability in Fit2Cloud 1Panel 1.10.10Lts/1.10.9Lts 1Panel is a web-based linux server management control panel. | 9.8 |
| 2024-07-18 | CVE-2024-39911 | SQL Injection vulnerability in Fit2Cloud 1Panel 1.10.10Lts 1Panel is a web-based linux server management control panel. | 9.8 |
| 2024-07-16 | CVE-2024-40637 | SQL Injection vulnerability in Getdbt DBT Core dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. | 7.8 |
| 2024-07-16 | CVE-2024-40393 | SQL Injection vulnerability in Angeljudesuarez Online Clinic Management System 1.0 Online Clinic Management System In PHP With Free Source code v1.0 was discovered to contain a SQL injection vulnerability via the user parameter at login.php. | 9.8 |
| 2024-07-16 | CVE-2024-40322 | SQL Injection vulnerability in Jfinalcms Project Jfinalcms 5.0.0 An issue was discovered in JFinalCMS v.5.0.0. | 8.8 |
| 2024-07-12 | CVE-2024-40539 | SQL Injection vulnerability in Codermy My-Springsecurity-Plus my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/user. | 9.8 |
| 2024-07-12 | CVE-2024-40540 | SQL Injection vulnerability in Codermy My-Springsecurity-Plus my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept. | 9.8 |