Weaknesses of type CWE-89

11,842 results
CVE-2024-13533HIGHSmall Package Quotes – USPS Edition <= 1.3.5 - Unauthenticated SQL InjectionEPSS 0.5%CVE-2025-2657MEDIUMprojectworlds Apartment Visitors Management System front.php sql injectionEPSS 0.5%CVE-2025-2644MEDIUMPHPGurukul Art Gallery Management System add-art-product.php sql injectionEPSS 0.5%CVE-2025-25775CRITICALCodeastro Bus Ticket Booking System v1.0 is vulnerable to SQL injection via the kodetiket parameter in /BusTicket-CI/tiket/cekorder.EPSS 0.5%CVE-2025-2663MEDIUMPHPGurukul Bank Locker Management System search-locker-details.php sql injectionEPSS 0.5%CVE-2025-2065MEDIUMprojectworlds Life Insurance Management System editAgent.php sql injectionEPSS 0.5%CVE-2025-2646MEDIUMPHPGurukul Art Gallery Management System admin-profile.php sql injectionEPSS 0.5%CVE-2026-15335HIGHBooking Package <= 1.7.20 - Unauthenticated SQL Injection via 'email' Form ParameterEPSS 0.5%CVE-2025-2656MEDIUMPHPGurukul Zoo Management System login.php sql injectionEPSS 0.5%CVE-2025-2659MEDIUMProject Worlds Online Time Table Generator index.php sql injectionEPSS 0.5%CVE-2025-2643MEDIUMPHPGurukul Art Gallery Management System edit-art-type-detail.php sql injectionEPSS 0.5%CVE-2025-2050MEDIUMPHPGurukul User Registration & Login and User Management System login.php sql injectionEPSS 0.5%CVE-2025-2665MEDIUMPHPGurukul Online Security Guards Hiring System bwdates-reports-details.php sql injectionEPSS 0.5%CVE-2025-2118MEDIUMQuantico Tecnologia PRMV Login Endpoint login.php sql injectionEPSS 0.5%CVE-2024-33872CRITICALKeyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in code execution and escalation of EPSS 0.5%CVE-2024-52969LOWAn Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiSIEM ersion 7.1.7 andEPSS 0.5%CVE-2024-13473HIGHLTL Freight Quotes - Worldwide Express Edition <= 5.0.20 - Unauthenticated SQL InjectionEPSS 0.5%CVE-2023-47438MEDIUMSQL Injection vulnerability in Reportico Till 8.1.0 allows attackers to obtain sensitive information or other system information via the proEPSS 0.5%CVE-2026-27470HIGHZoneMinder: Second-Order SQL Injection in `getNearEvents()` via Stored Event Name and Cause FieldsEPSS 0.5%CVE-2022-47420MEDIUMWordPress Accessibility Suite by Online ADA Plugin <= 4.12 is vulnerable to SQL InjectionEPSS 0.5%