CVE-2024-49620

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Naudin Vladimir FERMA.Ru.Net allows Blind SQL Injection.This issue affects FERMA.Ru.Net: from n/a through 1.3.3...

CVE-2024-49617

Cross-Site Request Forgery CSRF vulnerability in anciwasim Back Link Tracker back-link-tracker allows Blind SQL Injection.This issue affects Back Link Tracker: from n/a through = 1.0.0...

CVE-2024-49615

Cross-Site Request Forgery CSRF vulnerability in Henrique Rodrigues SafetyForms safetymails-forms allows Blind SQL Injection.This issue affects SafetyForms: from n/a through = 1.0.0...

CVE-2024-49609

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Brandon White Author Discussion allows Blind SQL Injection.This issue affects Author Discussion: from n/a through 0.2.2...

CVE-2024-49615

CVE-2024-49615: SafetyForms (WordPress plugin)

PT-2024-33578 · WordPress · Duplicate Title Validate

Name of the Vulnerable Software and Affected Versions: Duplicate Title Validate versions n/a through 1.0 Description: The issue is related to an SQL Injection vulnerability, specifically an improper neutralization of special elements used in an SQL command. This allows for Blind SQL Injection,...

PT-2024-33570 · Henrique Rodrigues · Safetyforms

Name of the Vulnerable Software and Affected Versions: Henrique Rodrigues SafetyForms versions n/a through 1.0.0 Description: A Cross-Site Request Forgery CSRF issue allows Blind SQL Injection. This means an attacker can trick a user into performing unintended actions on the web application,...

PT-2024-33574 · Unknown · Social Link Groups

Name of the Vulnerable Software and Affected Versions: Social Link Groups versions prior to 1.1.0 Description: The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, which arises from the improper neutralization of special elements used in an SQL command. This...

PT-2024-33564 · Unknown · Brandon White Author Discussion

Name of the Vulnerable Software and Affected Versions: Brandon White Author Discussion versions 0.2.2 and earlier Description: The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, due to the improper neutralization of special elements used in an SQL command...

WordPress LearnPress Unauthenticated SQLi (CVE-2024-8522, CVE-2024-8529)

The LearnPress WordPress LMS Plugin up to version 4.2.7 is vulnerable to SQL injection via the 'conlyfields' and 'cfields' parameters. This allows unauthenticated attackers to exploit blind SQL injections and extract sensitive information. Module Options msf use...

WordPress WP Fastest Cache Unauthenticated SQLi (CVE-2023-6063)

WP Fastest Cache, a WordPress plugin, prior to version 1.2.2, is vulnerable to an unauthenticated SQL injection vulnerability via the 'wordpressloggedin' cookie. This can be exploited via a blind SQL injection attack without requiring any authentication. Module Options msf use...

CVE-2024-47911

In SonarSource SonarQube 10.4 through 10.5 before 10.6, a vulnerability was discovered in the authorizations/group-memberships API endpoint that allows SonarQube users with the administrator role to inject blind SQL commands...

CVE-2024-47911

In SonarSource SonarQube 10.4 through 10.5 before 10.6, a vulnerability was discovered in the authorizations/group-memberships API endpoint that allows SonarQube users with the administrator role to inject blind SQL commands...

CVE-2024-47911

In SonarSource SonarQube 10.4 through 10.5 before 10.6, a vulnerability was discovered in the authorizations/group-memberships API endpoint that allows SonarQube users with the administrator role to inject blind SQL commands...

CVE-2024-47911

In SonarSource SonarQube 10.4–10.5 (before 10.6), a vulnerability exists in the authorizations/group-memberships API endpoint that allows users with the administrator role to inject blind SQL commands. The issue is triggered via the group-memberships authorization path, enabling SQL injection wit...

Blood Pressure Monitoring System 1.0 SQL Injection

============================================================================================================================================= | Title : Blood Pressure Monitoring System 1.0 Blind Sql Injection injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browse...

Cisco Identity Services Engine REST API Blind SQLi (cisco-sa-ise-rest-5bPKrNtZ)

According to its self-reported version, Cisco Identity Services Engine REST API Blind SQL Injection Vulnerabilities is affected by a Blind SQL Injection SQLi vulnerability. - Multiple vulnerabilities in the REST API of Cisco Identity Services Engine ISE could allow an authenticated, remote attack...

CVE-2024-7076

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Semtek Informatics Software Consulting Inc. Semtek Sempos allows Blind SQL Injection. This issue affects Semtek Sempos: through 31072024...

CVE-2024-6919

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NAC Telecommunication Systems Inc. NACPremium allows Blind SQL Injection. This issue affects NACPremium: through 01082024...

CVE-2024-6919

CVE-2024-6919 is a SQL injection vulnerability in NAC Premium (NACPremium) caused by improper neutralization of special elements, enabling blind SQL injection. Affected versions are through 01082024. Connected documents consistently reference this as a NACPremium issue with potential data exposur...