Weaknesses of type CWE-89
11,540 resultsCVE-2024-32461HIGHLibreNMS vulnerable to time-based SQL injection that leads to database extractionEPSS 19.1%CVE-2024-21514HIGHThis affects versions of the package opencart/opencart from 0.0.0. An SQL Injection issue was identified in the Divido payment extension forEPSS 19.1%CVE-2014-0763—Advantech WebAccess SQL InjectionEPSS 19.0%CVE-2023-24775CRITICALFunadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php.EPSS 18.9%CVE-2023-0324HIGHSourceCodester Online Tours & Travels Management System page-login.php sql injectionEPSS 18.8%CVE-2024-21901MEDIUMmyQNAPcloudEPSS 18.7%CVE-2022-2086MEDIUMSourceCodester Bank Management System login.php sql injectionEPSS 18.6%CVE-2023-30149CRITICALSQL injection vulnerability in the City Autocomplete (cityautocomplete) module from ebewe.net for PrestaShop, prior to version 1.8.12 (for PEPSS 18.4%CVE-2026-20947HIGHMicrosoft SharePoint Server Remote Code Execution VulnerabilityEPSS 17.9%CVE-2024-2330MEDIUMNetentsec NS-ASG Application Security Gateway index.php sql injectionEPSS 17.6%CVE-2021-24786HIGHDownload Monitor < 4.4.5 - Admin+ SQL InjectionEPSS 17.5%CVE-2021-32789HIGHArbitrary SQL (SQL injection) possible via the Store API component.EPSS 17.2%CVE-2021-25076—WP User Frontend < 3.5.26 - SQL Injection to Reflected Cross-Site ScriptingEPSS 17.1%CVE-2023-7137MEDIUMcode-projects Client Details System HTTP POST Request sql injectionEPSS 17.0%CVE-2023-5322MEDIUMD-Link DAR-7000 edit_manageadmin.php sql injectionEPSS 16.7%CVE-2024-8669CRITICALBackuply – Backup, Restore, Migrate and Clone <= 1.3.4 - Authenticated (Admin+) SQL InjectionEPSS 16.7%CVE-2025-57833HIGHAn issue was discovered in Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6. FilteredRelation is subject to SQL injection iEPSS 15.6%CVE-2024-51818CRITICALWordPress Fancy Product Designer plugin <= 6.4.3 - Unauthenticated SQL Injection vulnerabilityEPSS 15.5%CVE-2022-47745HIGHZenTao 16.4 to 18.0.beta1 is vulnerable to SQL injection. After logging in with any user, you can complete SQL injection by constructing a sEPSS 15.4%CVE-2021-33733—A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitEPSS 15.4%