4695 matches found

NVD
added 2024/10/29 5:15 p.m. · 11 views

CVE-2024-8924

ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information. ServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners...

8.7 CVSS · 0.00509 EPSS
Exploits: 0 · References: 1
OSV
added 2024/10/28 1:15 p.m. · 2 views

CVE-2024-50479

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mansur Ahamed Woocommerce Quote Calculator allows Blind SQL Injection. This issue affects Woocommerce Quote Calculator: from n/a through 1.1...

9.8 CVSS · 5.8 AI score · 0.00475 EPSS
Exploits: 0 · References: 1
NVD
added 2024/10/20 10:15 a.m. · 14 views

CVE-2024-49617

Cross-Site Request Forgery (CSRF) vulnerability in anciwasim Back Link Tracker back-link-tracker allows Blind SQL Injection. This issue affects Back Link Tracker: from n/a through <= 1.0.0...

8.8 CVSS · 0.00215 EPSS
Exploits: 0 · References: 1
OSV
added 2024/10/20 10:15 a.m. · 6 views

CVE-2024-49620

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Naudin Vladimir FERMA.Ru.Net allows Blind SQL Injection. This issue affects FERMA.Ru.Net: from n/a through 1.3.3...

8.8 CVSS · 5.8 AI score · 0.00432 EPSS
Exploits: 0 · References: 1
OSV
added 2024/10/20 10:15 a.m. · 6 views

CVE-2024-49617

Cross-Site Request Forgery (CSRF) vulnerability in Bhaskar Dhote Back Link Tracker allows Blind SQL Injection. This issue affects Back Link Tracker: from n/a through 1.0.0...

8.8 CVSS · 5.8 AI score · 0.00215 EPSS
Exploits: 0 · References: 1
OSV
added 2024/10/20 10:15 a.m. · 3 views

CVE-2024-49618

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jordan Lyall MyTweetLinks allows Blind SQL Injection. This issue affects MyTweetLinks: from n/a through 1.1.1...

8.8 CVSS · 5.8 AI score
Exploits: 0 · References: 1
NVD
added 2024/10/20 10:15 a.m. · 14 views

CVE-2024-49615

Cross-Site Request Forgery (CSRF) vulnerability in Henrique Rodrigues SafetyForms safetymails-forms allows Blind SQL Injection. This issue affects SafetyForms: from n/a through <= 1.0.0...

8.8 CVSS · 0.00215 EPSS
Exploits: 0 · References: 1
OSV
added 2024/10/20 10:15 a.m. · 8 views

CVE-2024-49609

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brandon White Author Discussion allows Blind SQL Injection. This issue affects Author Discussion: from n/a through 0.2.2...

8.8 CVSS · 5.8 AI score · 0.00432 EPSS
Exploits: 0 · References: 1
CVE
added 2024/10/20 9:57 a.m. · 47 views

CVE-2024-49615

CVE-2024-49615: SafetyForms (WordPress plugin)

8.8 CVSS · 5.9 AI score · 0.00215 EPSS
Exploits: 0 · References: 1 · Affected Software: 1
Positive Technologies
added 2024/10/20 12:0 a.m. · 6 views

PT-2024-33570 · Henrique Rodrigues · Safetyforms

Name of the Vulnerable Software and Affected Versions: Henrique Rodrigues SafetyForms versions n/a through 1.0.0
Description: A Cross-Site Request Forgery (CSRF) issue allows Blind SQL Injection. This means an attacker can trick a user into performing unintended actions on the web application,...

8.8 CVSS · 7.8 AI score · 0.00215 EPSS
Exploits: 0 · References: 8
Positive Technologies
added 2024/10/20 12:0 a.m. · 2 views

PT-2024-33574 · Unknown · Social Link Groups

Name of the Vulnerable Software and Affected Versions: Social Link Groups versions prior to 1.1.0
Description: The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, which arises from the improper neutralization of special elements used in an SQL command. This...

8.8 CVSS · 8.2 AI score · 0.00432 EPSS
Exploits: 0 · References: 9
Positive Technologies
added 2024/10/20 12:0 a.m. · 3 views

PT-2024-33564 · Unknown · Brandon White Author Discussion

Name of the Vulnerable Software and Affected Versions: Brandon White Author Discussion versions 0.2.2 and earlier
Description: The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, due to the improper neutralization of special elements used in an SQL command...

8.8 CVSS · 8.2 AI score · 0.00432 EPSS
Exploits: 0 · References: 11
Positive Technologies
added 2024/10/20 12:0 a.m. · 4 views

PT-2024-33578 · WordPress · Duplicate Title Validate

Name of the Vulnerable Software and Affected Versions: Duplicate Title Validate versions n/a through 1.0
Description: The issue is related to an SQL Injection vulnerability, specifically an improper neutralization of special elements used in an SQL command. This allows for Blind SQL Injection,...

8.8 CVSS · 8.2 AI score · 0.00433 EPSS
Exploits: 0 · References: 8
Metasploit
added 2024/10/17 6:54 p.m. · 463 views

WordPress LearnPress Unauthenticated SQLi (CVE-2024-8522, CVE-2024-8529)

The LearnPress WordPress LMS Plugin up to version 4.2.7 is vulnerable to SQL injection via the 'c_only_fields' and 'c_fields' parameters. This allows unauthenticated attackers to exploit blind SQL injections and extract sensitive information. Module Options msf use...

10 CVSS · 7.8 AI score · 0.61355 EPSS
Exploits: 7
Metasploit
added 2024/10/15 6:54 p.m. · 449 views

WordPress WP Fastest Cache Unauthenticated SQLi (CVE-2023-6063)

WP Fastest Cache, a WordPress plugin, prior to version 1.2.2, is vulnerable to an unauthenticated SQL injection vulnerability via the 'wordpress_logged_in' cookie. This can be exploited via a blind SQL injection attack without requiring any authentication. Module Options msf use...

7.5 CVSS · 8 AI score · 0.73708 EPSS
Exploits: 11
NVD
added 2024/10/04 9:15 p.m. · 14 views

CVE-2024-47911

In SonarSource SonarQube 10.4 through 10.5 before 10.6, a vulnerability was discovered in the authorizations/group-memberships API endpoint that allows SonarQube users with the administrator role to inject blind SQL commands...

7.2 CVSS · 0.00438 EPSS
Exploits: 0 · References: 1
OSV
added 2024/10/04 9:15 p.m. · 4 views

CVE-2024-47911

In SonarSource SonarQube 10.4 through 10.5 before 10.6, a vulnerability was discovered in the authorizations/group-memberships API endpoint that allows SonarQube users with the administrator role to inject blind SQL commands...

7.2 CVSS · 7.5 AI score
Exploits: 0 · References: 1
CVE
added 2024/10/04 12:0 a.m. · 86 views

CVE-2024-47911

In SonarSource SonarQube 10.4–10.5 (before 10.6), a vulnerability exists in the authorizations/group-memberships API endpoint that allows users with the administrator role to inject blind SQL commands. The issue is triggered via the group-memberships authorization path, enabling SQL injection wit...

7.2 CVSS · 6.7 AI score · 0.00438 EPSS
Exploits: 0 · References: 1 · Affected Software: 1
Vulnrichment
added 2024/10/04 12:0 a.m. · 9 views

CVE-2024-47911

In SonarSource SonarQube 10.4 through 10.5 before 10.6, a vulnerability was discovered in the authorizations/group-memberships API endpoint that allows SonarQube users with the administrator role to inject blind SQL commands...

6.7 CVSS · 7.3 AI score · 0.00438 EPSS
Exploits: 0 · References: 1
Packet Storm
added 2024/09/24 12:0 a.m. · 249 views

Blood Pressure Monitoring System 1.0 SQL Injection

Title: Blood Pressure Monitoring System 1.0 Blind Sql Injection injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browse...

7.4 AI score
Exploits: 0