Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-15 | CVE-2024-25227 | SQL Injection vulnerability in Abocms Abo.Cms 5.8 SQL Injection vulnerability in ABO.CMS version 5.8, allows remote attackers to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via the tb_login parameter in admin login page. | 9.8 |
| 2024-03-12 | CVE-2024-24101 | SQL Injection vulnerability in Code-Projects Scholars Tracking System 1.0 Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Eligibility Information Update. | 9.8 |
| 2024-03-07 | CVE-2023-41014 | SQL Injection vulnerability in Code-Projects Online JOB Portal 1.0 code-projects.org Online Job Portal 1.0 is vulnerable to SQL Injection via the Username parameter for "Employer." | 9.8 |
| 2024-03-07 | CVE-2024-28094 | SQL Injection vulnerability in Schoolbox 21.0.2 Chat functionality in Schoolbox application before version 23.1.3 is vulnerable to blind SQL Injection enabling the authenticated attackers to read, modify, and delete database records. | 8.8 |
| 2024-03-06 | CVE-2023-33677 | SQL Injection vulnerability in Oretnom23 Lost and Found Information System 1.0 Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id=*". | 7.5 |
| 2024-03-05 | CVE-2024-24098 | SQL Injection vulnerability in Fabianros Scholars Tracking System 1.0 Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection via the News Feed. | 7.8 |
| 2024-02-29 | CVE-2024-1981 | SQL Injection vulnerability in Wpvivid Migration, Backup, Staging The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to SQL Injection via the 'table_prefix' parameter in version 0.9.68 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 9.1 |
| 2024-02-29 | CVE-2024-1982 | SQL Injection vulnerability in Wpvivid Migration, Backup, Staging The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the get_restore_progress() and restore() functions in all versions up to, and including, 0.9.68. | 9.1 |
| 2024-02-29 | CVE-2024-25833 | SQL Injection vulnerability in F-Logic Datacube3 1.0 F-logic DataCube3 v1.0 is vulnerable to unauthenticated SQL injection, which could allow an unauthenticated malicious actor to execute arbitrary SQL queries in database. | 9.8 |
| 2024-02-29 | CVE-2024-1928 | SQL Injection vulnerability in Walterjnr1 Web-Based Student Clearance System 1.0 A vulnerability, which was classified as critical, has been found in SourceCodester Web-Based Student Clearance System 1.0. | 7.2 |