Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-16 | CVE-2024-21775 | SQL Injection vulnerability in Zohocorp Manageengine Exchange Reporter Plus Zoho ManageEngine Exchange Reporter Plus versions 5714 and below are vulnerable to the Authenticated SQL injection in report exporting feature. | 8.8 |
| 2024-02-14 | CVE-2024-23603 | SQL Injection vulnerability in F5 products An SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | 8.8 |
| 2024-02-14 | CVE-2024-25209 | SQL Injection vulnerability in Rems Barangay Population Monitoring System 1.0 Barangay Population Monitoring System 1.0 was discovered to contain a SQL injection vulnerability via the resident parameter at /endpoint/delete-resident.php. | 9.8 |
| 2024-02-14 | CVE-2024-25210 | SQL Injection vulnerability in Rems Simple Expense Tracker APP 1.0 Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the expense parameter at /endpoint/delete_expense.php. | 9.8 |
| 2024-02-14 | CVE-2024-25211 | SQL Injection vulnerability in Rems Simple Expense Tracker APP 1.0 Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the category parameter at /endpoint/delete_category.php. | 9.8 |
| 2024-02-14 | CVE-2024-25212 | SQL Injection vulnerability in Sherlock Employee Management System 1.0 Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /delete.php. | 7.2 |
| 2024-02-14 | CVE-2024-25213 | SQL Injection vulnerability in Sherlock Employee Management System 1.0 Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /edit.php. | 7.2 |
| 2024-02-14 | CVE-2024-25214 | SQL Injection vulnerability in Sherlock Employee Management System 1.0 An issue in Employee Managment System v1.0 allows attackers to bypass authentication via injecting a crafted payload into the E-mail and Password parameters at /alogin.html. | 9.8 |
| 2024-02-14 | CVE-2024-25215 | SQL Injection vulnerability in Sherlock Employee Management System 1.0 Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the pwd parameter at /aprocess.php. | 9.8 |
| 2024-02-14 | CVE-2024-25216 | SQL Injection vulnerability in Sherlock Employee Management System 1.0 Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the mailud parameter at /aprocess.php. | 9.8 |