Weaknesses of type CWE-89

11,778 results
CVE-2023-2841HIGHAdvanced Local Pickup for WooCommerce <= 1.5.5 - Authenticated (Administrator+) SQL InjectionEPSS 0.6%CVE-2024-0182HIGHSourceCodester Engineers Online Portal Admin Login sql injectionEPSS 0.6%CVE-2022-46442CRITICALdedecms <=V5.7.102 is vulnerable to SQL Injection. In sys_ sql_ n query.php there are no restrictions on the sql query.EPSS 0.6%CVE-2022-46955CRITICALDynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?actiEPSS 0.6%CVE-2023-2089MEDIUMSourceCodester Complaint Management System GET Parameter userprofile.php sql injectionEPSS 0.6%CVE-2022-36787CRITICALwebvendome - webvendome SQL InjectionEPSS 0.6%CVE-2023-30204CRITICALJudging Management System v1.0 was discovered to contain a SQL injection vulnerability via the judge_id parameter at /php-jms/edit_judge.phpEPSS 0.6%CVE-2022-39180CRITICALCollege Management System v1.0 - SQL Injection (SQLi)EPSS 0.6%CVE-2022-46954CRITICALDynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?actiEPSS 0.6%CVE-2024-8950CRITICALSQLi in Arne Informatics' Piramit AutomationEPSS 0.6%CVE-2024-0474HIGHcode-projects Dormitory Management System login.php sql injectionEPSS 0.6%CVE-2023-35851HIGHSUNNET WMPro - SQL InjectionEPSS 0.6%CVE-2024-53480CRITICALPhpgurukul's Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in `login.php` via the `emailcont` parameter.EPSS 0.6%CVE-2025-10878CRITICALA SQL injection vulnerability exists in the login functionality of Fikir Odalari AdminPando 1.0.1 before 2026-01-26. The username and passwoEPSS 0.6%CVE-2024-2264HIGHkeerti1924 PHP-MYSQL-User-Login-System login.php sql injectionEPSS 0.6%CVE-2022-48082CRITICALEasyone CRM v5.50.02 was discovered to contain a SQL Injection vulnerability via the text parameter at /Services/Misc.asmx/SearchTag.EPSS 0.6%CVE-2024-42357HIGHShopware vulnerable to blind SQL-injection in DAL aggregationsEPSS 0.6%CVE-2023-33279CRITICALIn the Store Commander scfixmyprestashop module through 2023-05-09 for PrestaShop, sensitive SQL calls can be executed with a trivial HTTP rEPSS 0.6%CVE-2024-8308MEDIUMSiempelkamp: SQL injection due to improper handling of HTTP request input dataEPSS 0.6%CVE-2024-8709MEDIUMSourceCodester Best House Rental Management System admin_class.php save_user sql injectionEPSS 0.6%