Weaknesses of type CWE-89
11,771 resultsCVE-2023-33278CRITICALIn the Store Commander scexportcustomers module for PrestaShop through 3.6.1, sensitive SQL calls can be executed with a trivial HTTP requesEPSS 0.6%CVE-2023-3808MEDIUMHospital Management System patientforgotpassword.php sql injectionEPSS 0.6%CVE-2023-2519HIGHCaton CTP Relay Server API login sql injectionEPSS 0.6%CVE-2023-3677HIGHWooCommerce PDF Invoice Builder <= 1.2.89 - Authenticated (Subscriber+) SQL Injection via ExportEPSS 0.6%CVE-2022-41775HIGHDelta Electronics DIAEnergie SQL InjectionEPSS 0.6%CVE-2024-6652MEDIUMitsourcecode Gym Management System manage_member.php sql injectionEPSS 0.6%CVE-2024-7306MEDIUMSourceCodester Establishment Billing Management System manage_block.php sql injectionEPSS 0.6%CVE-2022-43457HIGHDelta Electronics DIAEnergie SQL InjectionEPSS 0.6%CVE-2024-7307MEDIUMSourceCodester Establishment Billing Management System manage_billing.php sql injectionEPSS 0.6%CVE-2024-42533CRITICALSQL injection vulnerability in the authentication module in Convivance StandVoice 4.5 through 6.2 allows remote attackers to execute arbitraEPSS 0.6%CVE-2014-125085MEDIUMGimmie Plugin trigger_ratethread.php sql injectionEPSS 0.6%CVE-2014-125084MEDIUMGimmie Plugin trigger_referral.php sql injectionEPSS 0.6%CVE-2024-28392CRITICALSQL injection vulnerability in pscartabandonmentpro v.2.0.11 and before allows a remote attacker to escalate privileges via the pscartabandoEPSS 0.6%CVE-2022-43447HIGHDelta Electronics DIAEnergie SQL InjectionEPSS 0.6%CVE-2023-0533MEDIUMSourceCodester Online Tours & Travels Management System expense_report.php sql injectionEPSS 0.6%CVE-2024-6731MEDIUMSourceCodester Student Study Center Desk Management System Master.php sql injectionEPSS 0.6%CVE-2023-5336HIGHiPanorama 360 – WordPress Virtual Tour Builder <= 1.8.0 - Authenticated (Contributor+) SQL Injection via ShortcodeEPSS 0.6%CVE-2024-25524CRITICALRuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the sys_file_storage_id parameter at /WorkPlan/WorkPlaEPSS 0.6%CVE-2022-39822HIGHIn NOKIA NFM-T R19.9, a SQL Injection vulnerability occurs in /cgi-bin/R19.9/easy1350.pl of the VM Manager WebUI via the id or host HTTP GETEPSS 0.6%CVE-2024-7548HIGHLearnPress – WordPress LMS Plugin <= 4.2.6.9.3 - Authenticated (Contributor+) SQL Injection via order ParameterEPSS 0.6%