Weaknesses of type CWE-89
11,609 resultsCVE-2019-12680HIGHCisco Firepower Management Center SQL Injection VulnerabilitiesEPSS 3.0%CVE-2019-12683HIGHCisco Firepower Management Center SQL Injection VulnerabilitiesEPSS 3.0%CVE-2020-13500CRITICALSQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. SpecEPSS 2.9%CVE-2020-13499CRITICALAn SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. SEPSS 2.9%CVE-2020-13501CRITICALAn SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. SEPSS 2.9%CVE-2020-25638HIGHA flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA CriteriEPSS 2.9%CVE-2024-13979CRITICALSt. Joe ERP System SingleRowQueryConverter SQL InjectionEPSS 2.9%CVE-2025-1323HIGHWP-Recall – Registration, Profile, Commerce & More <= 16.26.10 - Unauthenticated SQL InjectionEPSS 2.9%CVE-2022-42428HIGHThis vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploEPSS 2.9%CVE-2022-42426HIGHThis vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploEPSS 2.9%CVE-2018-1132HIGHA flaw was found in Opendaylight's SDNInterfaceapp (SDNI). Attackers can SQL inject the component's database (SQLite) without authenticatingEPSS 2.9%CVE-2025-22785CRITICALWordPress Course Booking System plugin <= 6.0.6 - SQL Injection vulnerabilityEPSS 2.8%CVE-2023-6575MEDIUMByzoro S210 HTTP POST Request repair.php sql injectionEPSS 2.8%CVE-2024-25833CRITICALF-logic DataCube3 v1.0 is vulnerable to unauthenticated SQL injection, which could allow an unauthenticated malicious actor to execute arbitEPSS 2.8%CVE-2024-8911CRITICALLatePoint <= 5.0.11 - Unauthenticated Arbitrary User Password Change via SQL InjectionEPSS 2.8%CVE-2022-45297CRITICALEQ v1.5.31 to v2.2.0 was discovered to contain a SQL injection vulnerability via the UserPwd parameter.EPSS 2.8%CVE-2021-35234HIGHExposed Dangerous Functions - Privileged EscalationEPSS 2.8%CVE-2021-24385—Filebird 4.7.3 - Unauthenticated SQL InjectionEPSS 2.8%CVE-2021-21024CRITICALMagento Commerce Blind SQL Injection Could Lead To Unauthorized AccessEPSS 2.8%CVE-2022-34876MEDIUMVICIDial 2.14b0.5 SVN 3550 was discovered to contain multiple SQL injection vulnerability at /vicidial/admin.php.EPSS 2.7%