Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2024-05-31 CVE-2024-29824 SQL Injection vulnerability in Ivanti Endpoint Manager
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.
low complexity
ivanti CWE-89
8.8
8.8
2024-05-31 CVE-2024-29825 SQL Injection vulnerability in Ivanti Endpoint Manager
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.
low complexity
ivanti CWE-89
8.8
8.8
2024-05-31 CVE-2024-29826 SQL Injection vulnerability in Ivanti Endpoint Manager
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.
low complexity
ivanti CWE-89
8.8
8.8
2024-05-31 CVE-2024-29827 SQL Injection vulnerability in Ivanti Endpoint Manager
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.
low complexity
ivanti CWE-89
8.8
8.8
2024-05-31 CVE-2024-29828 SQL Injection vulnerability in Ivanti Endpoint Manager
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code.
low complexity
ivanti CWE-89
8.0
8.0
2024-05-31 CVE-2024-29829 SQL Injection vulnerability in Ivanti Endpoint Manager
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code.
low complexity
ivanti CWE-89
8.0
8.0
2024-05-31 CVE-2024-29830 SQL Injection vulnerability in Ivanti Endpoint Manager
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code.
low complexity
ivanti CWE-89
8.0
8.0
2024-05-31 CVE-2024-29846 SQL Injection vulnerability in Ivanti Endpoint Manager
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code.
low complexity
ivanti CWE-89
8.0
8.0
2024-05-30 CVE-2024-35349 SQL Injection vulnerability in Dino Physics School Assistant Project Dino Physics School Assistant 2.3
A vulnerability has been discovered in Diño Physics School Assistant version 2.3.
network
low complexity
dino-physics-school-assistant-project CWE-89
critical
 9.8
9.8
2024-05-30 CVE-2024-35359 SQL Injection vulnerability in Dino Physics School Assistant Project Dino Physics School Assistant 2.3
A vulnerability has been discovered in Diño Physics School Assistant version 2.3.
network
low complexity
dino-physics-school-assistant-project CWE-89
critical
 9.8
9.8