Total
11593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-50071 | 1 Customer Support System Project | 1 Customer Support System | 2024-01-05 | N/A | 8.8 HIGH |
| Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_support/ajax.php?action=save_department via id or name. | |||||
| CVE-2023-50070 | 1 Oretnom23 | 1 Customer Support System | 2024-01-05 | N/A | 8.8 HIGH |
| Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_support/ajax.php?action=save_ticket via department_id, customer_id, and subject. | |||||
| CVE-2023-50035 | 1 Small Crm Project | 1 Small Crm | 2024-01-05 | N/A | 9.8 CRITICAL |
| PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection on the Users login panel because of "password" parameter is directly used in the SQL query without any sanitization and the SQL Injection payload being executed. | |||||
| CVE-2023-50589 | 1 Embras | 1 Geosiap Erp | 2024-01-05 | N/A | 9.8 CRITICAL |
| Grupo Embras GEOSIAP ERP v2.2.167.02 was discovered to contain a SQL injection vulnerability via the codLogin parameter on the login page. | |||||
| CVE-2023-4675 | 1 Gmbilisim | 1 Multi-disciplinary Design Optimization | 2024-01-05 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GM Information Technologies MDO allows SQL Injection.This issue affects MDO: through 20231229. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-50854 | 1 Squirrly | 1 Seo Plugin By Squirrly Seo | 2024-01-05 | N/A | 7.2 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Squirrly Squirrly SEO - Advanced Pack.This issue affects Squirrly SEO - Advanced Pack: from n/a through 2.3.8. | |||||
| CVE-2023-50855 | 1 Samperrow | 1 Pre Party Resource Hints | 2024-01-05 | N/A | 7.2 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sam Perrow Pre* Party Resource Hints.This issue affects Pre* Party Resource Hints: from n/a through 1.8.18. | |||||
| CVE-2023-50852 | 1 Stylemixthemes | 1 Bookit | 2024-01-05 | N/A | 7.2 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StylemixThemes Booking Calendar | Appointment Booking | BookIt.This issue affects Booking Calendar | Appointment Booking | BookIt: from n/a through 2.4.3. | |||||
| CVE-2023-50849 | 1 E2pdf | 1 E2pdf | 2024-01-05 | N/A | 7.2 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.23. | |||||
| CVE-2023-50853 | 1 Advancedformintegration | 1 Advanced Form Integration | 2024-01-05 | N/A | 7.2 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nasirahmed Advanced Form Integration – Connect WooCommerce and Contact Form 7 to Google Sheets and other platforms.This issue affects Advanced Form Integration – Connect WooCommerce and Contact Form 7 to Google Sheets and other platforms: from n/a through 1.75.0. | |||||
| CVE-2023-23634 | 1 Documize | 1 Documize | 2024-01-05 | N/A | 9.8 CRITICAL |
| SQL Injection vulnerability in Documize version 5.4.2, allows remote attackers to execute arbitrary code via the user parameter of the /api/dashboard/activity endpoint. | |||||
| CVE-2023-52135 | 1 Westguardsolutions | 1 Ws Form | 2024-01-05 | N/A | 7.2 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WS Form WS Form LITE – Drag & Drop Contact Form Builder for WordPress.This issue affects WS Form LITE – Drag & Drop Contact Form Builder for WordPress: from n/a through 1.9.170. | |||||
| CVE-2023-44088 | 1 Pandorafms | 1 Pandora Fms | 2024-01-05 | N/A | 8.8 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows SQL Injection. Arbitrary SQL queries were allowed to be executed using any account with low privileges. This issue affects Pandora FMS: from 700 through 774. | |||||
| CVE-2023-50837 | 1 Webfactoryltd | 1 Wp Login Lockdown | 2024-01-05 | N/A | 7.2 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WebFactory Ltd Login Lockdown – Protect Login Form.This issue affects Login Lockdown – Protect Login Form: from n/a through 2.06. | |||||
| CVE-2023-50840 | 1 Oplugins | 1 Booking Manager | 2024-01-04 | N/A | 8.8 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevelop, oplugins Booking Manager.This issue affects Booking Manager: from n/a through 2.1.5. | |||||
| CVE-2023-50841 | 1 Reputeinfosystems | 1 Bookingpress | 2024-01-04 | N/A | 8.8 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Repute Infosystems BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin.This issue affects BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin: from n/a through 1.0.72. | |||||
| CVE-2023-50842 | 1 Mf Gig Calendar Project | 1 Mf Gig Calendar | 2024-01-04 | N/A | 8.8 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Matthew Fries MF Gig Calendar.This issue affects MF Gig Calendar: from n/a through 1.2.1. | |||||
| CVE-2023-50843 | 1 Mediaburst | 1 Clockwork Sms Notfications | 2024-01-04 | N/A | 7.2 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Clockwork Clockwork SMS Notfications.This issue affects Clockwork SMS Notfications: from n/a through 3.0.4. | |||||
| CVE-2023-50844 | 1 Jamesward | 1 Wp Mail Catcher | 2024-01-04 | N/A | 7.2 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in James Ward Mail logging – WP Mail Catcher.This issue affects Mail logging – WP Mail Catcher: from n/a through 2.1.3. | |||||
| CVE-2023-50845 | 1 Ayecode | 1 Geodirectory | 2024-01-04 | N/A | 7.2 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AyeCode - WordPress Business Directory Plugins GeoDirectory – WordPress Business Directory Plugin, or Classified Directory.This issue affects GeoDirectory – WordPress Business Directory Plugin, or Classified Directory: from n/a through 2.3.28. | |||||