Weaknesses of type CWE-89

11,767 results
CVE-2023-2035MEDIUMCampcodes Video Sharing Website signup.php sql injectionEPSS 0.7%CVE-2023-5826MEDIUMNetentsec NS-ASG Application Security Gateway list_onlineuser.php sql injectionEPSS 0.7%CVE-2023-29598CRITICALlmxcms v1.4.1 was discovered to contain a SQL injection vulnerability via the setbook parameter at index.php.EPSS 0.7%CVE-2026-34612CRITICALKestra: Remote Code Execution via SQL InjectionEPSS 0.7%CVE-2024-7498MEDIUMitsourcecode Airline Reservation System Admin Login Page login.php login2 sql injectionEPSS 0.7%CVE-2024-13025MEDIUMCodezips College Management System faculty.php sql injectionEPSS 0.7%CVE-2025-66335MEDIUMApache Doris MCP Server: MCP SQL injectEPSS 0.7%CVE-2025-0561MEDIUMitsourcecode Farm Management System add-pig.php sql injectionEPSS 0.7%CVE-2024-7682MEDIUMcode-projects Job Portal rw_i_nat.php sql injectionEPSS 0.7%CVE-2025-4793MEDIUMPHPGurukul Online Course Registration edit-student-profile.php sql injectionEPSS 0.7%CVE-2023-3694MEDIUMSourceCodester/projectworlds House Rental and Property Listing index.php sql injectionEPSS 0.7%CVE-2024-25400CRITICALSubrion CMS 4.2.1 is vulnerable to SQL Injection via ia.core.mysqli.php. NOTE: this is disputed by multiple third parties because it refers EPSS 0.7%CVE-2024-34256CRITICALOFCMS V1.1.2 is vulnerable to SQL Injection via the new table function.EPSS 0.7%CVE-2024-23810HIGHA vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application is vulnerable to SQL injection. This coEPSS 0.7%CVE-2024-7273MEDIUMitsourcecode Alton Management System search.php sql injectionEPSS 0.7%CVE-2023-47558HIGHWordPress Who Hit The Page – Hit Counter Plugin <= 1.4.14.3 is vulnerable to SQL InjectionEPSS 0.7%CVE-2024-41512HIGHA SQL Injection vulnerability in "ccHandler.aspx" in all versions of CADClick v.1.11.0 and before allows remote attackers to execute arbitraEPSS 0.7%CVE-2024-9035MEDIUMcode-projects Blood Bank Management System Admin Login login.php sql injectionEPSS 0.7%CVE-2024-35355CRITICALA vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the EPSS 0.7%CVE-2024-23751CRITICALLlamaIndex (aka llama_index) through 0.9.34 allows SQL injection via the Text-to-SQL feature in NLSQLTableQueryEngine, SQLTableRetrieverQuerEPSS 0.7%