Weaknesses of type CWE-89
11,540 results

| CVE | Severity | Description | EPSS |
|---|---|---|---|
| CVE-2024-31445 | HIGH | SQL Injection vulnerability in automation_get_new_graphs_sql | 26.2% |
| CVE-2024-50326 | HIGH | SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authentic | 25.8% |
| CVE-2025-9428 | HIGH | SQL Injection | 25.4% |
| CVE-2024-34785 | CRITICAL | An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin p | 25.4% |
| CVE-2024-32840 | CRITICAL | An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin p | 25.4% |
| CVE-2024-50631 | HIGH | Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in the system syncing daemon in Synology | 24.9% |
| CVE-2022-31101 | HIGH | SQL Injection in prestashop/blockwishlist | 24.1% |
| CVE-2024-32845 | CRITICAL | An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin p | 24.0% |
| CVE-2024-34779 | CRITICAL | An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin p | 24.0% |
| CVE-2023-6579 | HIGH | osCommerce POST Parameter shopping-cart sql injection | 23.8% |
| CVE-2024-6748 | HIGH | SQL Injection | 23.8% |
| CVE-2023-34600 | CRITICAL | Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL Injection. | 23.7% |
| CVE-2024-11773 | CRITICAL | SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to ru | 23.6% |
| CVE-2022-1281 | — | Photo Gallery < 1.6.3 - Unauthenticated SQL Injection | 23.5% |
| CVE-2025-22954 | CRITICAL | GetLateOrMissingIssues in C4/Serials.pm in Koha before 24.11.02 allows SQL Injection in /serials/lateissues-export.pl via the supplierid or | 23.2% |
| CVE-2024-36465 | HIGH | SQL injection in Zabbix API | 23.0% |
| CVE-2025-8868 | CRITICAL | Chef Automate compliance service SQL Injection Vulnerability | 22.8% |
| CVE-2023-5591 | HIGH | SQL Injection in librenms/librenms | 22.2% |
| CVE-2024-43917 | CRITICAL | WordPress TI WooCommerce Wishlist plugin <= 2.8.2 - SQL Injection vulnerability | 21.8% |
| CVE-2022-1367 | CRITICAL | Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in Handler_TCV.ashx. This all | 20.8% |