CVE-2024-52474

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Сервис “Экспресс Платежи” Express Payments Module express-pay allows Blind SQL Injection.This issue affects Express Payments Module: from n/a through = 1.1.8...

CVE-2024-7026

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Teknogis Informatics Closed Circuit Vehicle Tracking Software allows SQL Injection, Blind SQL Injection. This issue affects Closed Circuit Vehicle Tracking Software: through 21.11.2024. NOTE: The...

CVE-2024-52436

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saad Iqbal Post SMTP post-smtp allows Blind SQL Injection.This issue affects Post SMTP: from n/a through = 2.9.9...

CVE-2024-52436

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Post SMTP allows Blind SQL Injection.This issue affects Post SMTP: from n/a through 2.9.9...

PT-2024-35276 · Post Smtp · Post Smtp

Name of the Vulnerable Software and Affected Versions: Post SMTP versions n/a through 2.9.9 Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as 'SQL Injection' vulnerability, which allows Blind SQL Injection. Recommendations: F...

CVE-2024-51882

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ehues Gboy Custom Google Map allows Blind SQL Injection.This issue affects Gboy Custom Google Map: from n/a through 1.2...

CVE-2024-51843

CVE-2024-51843 is an authenticated SQL Injection in Olland.Biz Horsemanager (WordPress plugin), affecting Horsemanager versions up to 1.3. The root cause is improper neutralization of inputs in SQL commands. Exploitation requires authenticated access (Contributor+). Red Hat and Wordfence entries ...

CVE-2024-51619

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in market360 Market 360 Viewer market-360-viewer allows Blind SQL Injection.This issue affects Market 360 Viewer: from n/a through = 1.01...

WordPress plugin Download-Mirror-Counter SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

BIT-SUITECRM-2024-50332 Authenticated Blind SQL Injection in DeleteRelationShip in SuiteCRM

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Insufficient input value validation causes Blind SQL injection in DeleteRelationShip. This issue has been addressed in versions 7.14.6 and 8.7.1. Users are advised to upgrade. There are no know...

CVE-2024-50332

CVE-2024-50332 affects SuiteCRM, where insufficient input validation enables Blind SQL injection in DeleteRelationShip. Impact is limited to the affected component/function within SuiteCRM; specific root cause cited as input validation failure. Remediation is available: upgrade to versions 7.14.6...

CVE-2024-50332 Authenticated Blind SQL Injection in DeleteRelationShip in SuiteCRM

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Insufficient input value validation causes Blind SQL injection in DeleteRelationShip. This issue has been addressed in versions 7.14.6 and 8.7.1. Users are advised to upgrade. There are no know...

CVE-2024-50332 Authenticated Blind SQL Injection in DeleteRelationShip in SuiteCRM

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Insufficient input value validation causes Blind SQL injection in DeleteRelationShip. This issue has been addressed in versions 7.14.6 and 8.7.1. Users are advised to upgrade. There are no know...

CVE-2024-49773

SuiteCRM vulnerability CVE-2024-49773 involves poor input validation in the export functionality, where the authenticated user can abuse the current_post parameter to perform blind SQL injection via generateSearchWhere(), leading to potential information disclosure of personally identifiable info...

CVE-2024-51626

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mansur Ahamed Woocommerce Quote Calculator allows Blind SQL Injection.This issue affects Woocommerce Quote Calculator: from n/a through 1.1...

CVE-2024-8924

ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information. ServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners...

CVE-2024-8924

ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information. ServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners...

CVE-2024-50479

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mansur Ahamed Woocommerce Quote Calculator allows Blind SQL Injection.This issue affects Woocommerce Quote Calculator: from n/a through 1.1...

CVE-2024-49617

Cross-Site Request Forgery CSRF vulnerability in Bhaskar Dhote Back Link Tracker allows Blind SQL Injection.This issue affects Back Link Tracker: from n/a through 1.0.0...

CVE-2024-49618

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Jordan Lyall MyTweetLinks allows Blind SQL Injection.This issue affects MyTweetLinks: from n/a through 1.1.1...