Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-07 | CVE-2024-31456 | SQL Injection vulnerability in Glpi-Project Glpi GLPI is a Free Asset and IT Management Software package. | 6.5 |
| 2024-05-03 | CVE-2023-27358 | SQL Injection vulnerability in Netgear products NETGEAR RAX30 SOAP Request SQL Injection Remote Code Execution Vulnerability. | 8.8 |
| 2024-04-22 | CVE-2024-32480 | SQL Injection vulnerability in Librenms LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. | 7.2 |
| 2024-04-22 | CVE-2024-32461 | SQL Injection vulnerability in Librenms LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. | 8.8 |
| 2024-04-09 | CVE-2024-2341 | SQL Injection vulnerability in Nsquared Simply Schedule Appointments The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the keys parameter in all versions up to, and including, 1.6.7.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 6.5 |
| 2024-04-04 | CVE-2024-31212 | SQL Injection vulnerability in Instantcms 2.16.2 InstantCMS is a free and open source content management system. | 7.2 |
| 2024-04-03 | CVE-2024-2879 | SQL Injection vulnerability in Layerslider 7.10.0/7.9.11 The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |
| 2024-03-25 | CVE-2024-27299 | SQL Injection vulnerability in PHPmyfaq 3.2.5 phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. | 8.8 |
| 2024-03-25 | CVE-2024-28107 | SQL Injection vulnerability in PHPmyfaq 3.2.5 phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. | 8.8 |
| 2024-03-18 | CVE-2024-27096 | SQL Injection vulnerability in Glpi-Project Glpi GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. | 6.5 |