Vulnerabilities > Solwininfotech > User Activity LOG > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-31 | CVE-2023-37966 | Unspecified vulnerability in Solwininfotech User Activity LOG Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solwin Infotech User Activity Log user-activity-log allows SQL Injection.This issue affects User Activity Log: from n/a through 1.6.2. | 9.8 |
| 2023-08-14 | CVE-2023-3435 | Unspecified vulnerability in Solwininfotech User Activity LOG The User Activity Log WordPress plugin before 1.6.5 does not correctly sanitise and escape several parameters before using it in a SQL statement as part of its exportation feature, allowing unauthenticated attackers to conduct SQL injection attacks. | 9.8 |