Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-5329
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to blind SQL Injection via the ‘data[addonID]’ parameter in all versions up to, and including, 1.5.109 due to insufficient escaping on the user supplied parameter...
Unlimited-elements Unlimited Elements For Elementor (free Widgets, Addons, Templates)
NA
CVE-2024-36393
SysAid - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Sysaid Sysaid
NA
CVE-2024-5653
A vulnerability, which was classified as critical, has been found in Chanjet Smooth T+system 3.5. This issue affects some unknown processing of the file /tplus/UFAQD/keyEdit.aspx. The manipulation of the argument KeyID leads to sql injection. The attack may be initiated remotely....
NA
CVE-2024-36837
SQL Injection vulnerability in CRMEB v.5.2.2 allows a remote malicious user to obtain sensitive information via the getProductList function in the ProductController.php file.
1 Github repository
NA
CVE-2024-4743
The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to SQL Injection via the orderBy attribute of the lifterlms_favorites shortcode in all versions up to, and including, 7.6.2 due to insufficient escaping on the user supplied parameter and ...
Lifterlms Lifterlms
NA
CVE-2024-4295
The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via the ‘hash’ parameter in all versions up to, and including, 5.7.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the exi...
Icegram Email Subscribers & Newsletters
2 Github repositories
NA
CVE-2024-5636
A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file report/index.php. The manipulation of the argument procduct leads to sql injection. The attack may be launc...
NA
CVE-2024-5635
A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument txtsearch leads to sql injection. The attack can be la...
NA
CVE-2024-36800
A SQL injection vulnerability in SEMCMS v.4.8, allows a remote malicious user to obtain sensitive information via the ID parameter in Download.php.
NA
CVE-2024-36801
A SQL injection vulnerability in SEMCMS v.4.8, allows a remote malicious user to obtain sensitive information via the lgid parameter in Download.php.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »