CVE-2024-41237

A SQL injection vulnerability in /smsa/teacherlogin.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter...

CVE-2024-41444

SeaCMS v12.9 has a SQL injection vulnerability in the key parameter of /js/player/dmplayer/dmku/index.php?ac=so...

CVE-2024-41476

AMTT Hotel Broadband Operation System HiBOS V3.0.3.151204 and before is vulnerable to SQL Injection via /manager/card/carddetail.php...

CVE-2024-41238

A SQL injection vulnerability in /smsa/studentlogin.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter...

CVE-2024-41579

DTStack Taier 1.4.0 allows remote attackers to specify the jobName parameter in the console listNames function to cause a SQL injection vulnerability...

CVE-2024-39843

A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command via create user form inputs...

CVE-2024-39072

AMTT Hotel Broadband Operation System HiBOS v3.0.3.151204 is vulnerable to SQL injection via manager/conference/calendarremind.php...

CVE-2024-39841

A SQL Injection vulnerability exists in the service configuration functionality in Centreon Web 24.04.x before 24.04.3, 23.10.x before 23.10.13, 23.04.x before 23.04.19, and 22.10.x before 22.10.23...

CVE-2024-39842

A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command via user massive changes inputs...

CVE-2024-39071

Fujian Kelixun =7.6.6.4391 is vulnerable to SQL Injection in sendevent.php...

CVE-2023-43794

Nocodb is an open source Airtable alternative. Affected versions of nocodb contain a SQL injection vulnerability, that allows an authenticated attacker with creator access to query the underlying database. By supplying a specially crafted payload to the given an attacker can inject arbitrary SQL...

CVE-2023-29267

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5, 11.1, and 11.5is vulnerable to a denial of service, under specific configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. IBM X-Force ID: 287612...

CVE-2023-31092

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Foxskav Easy Bet.This issue affects Easy Bet: from n/a through 1.0.2...

CVE-2022-0362

SQL Injection in Packagist showdoc/showdoc prior to 2.10.3...

CVE-2024-39887

An SQL Injection vulnerability in Apache Superset exists due to improper neutralization of special elements used in SQL commands. Specifically, certain engine-specific functions are not checked, which allows attackers to bypass Apache Superset's SQL authorization. To mitigate this, a new...

CVE-2024-39909

KubeClarity is a tool for detection and management of Software Bill Of Materials SBOM and vulnerabilities of container images and filesystems. A time/boolean SQL Injection is present in the following resource /api/applicationResources via the following parameter packageID. As it can be seen in...

CVE-2023-25813

Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replacements. Parameters which are passed through replacements are not properly escaped which can lead to arbitrary SQL injection depending on the specific queries in use. The issue has been fix...

CVE-2023-50841

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin...

CVE-2023-50837

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WebFactory Ltd Login Lockdown – Protect Login Form.This issue affects Login Lockdown – Protect Login Form: from n/a through 2.06...

CVE-2023-50849

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.23...