Weaknesses of type CWE-89
11,622 resultsCVE-2022-0255—Database Backup for WordPress < 2.5.1 - Admin+ SQL InjectionEPSS 1.3%CVE-2020-12034—Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6EPSS 1.3%CVE-2020-10617—There are multiple ways an unauthenticated attacker could perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access toEPSS 1.3%CVE-2023-39344CRITICALsocial-media-skeleton vulnerable to Pre-Auth SQLi leading to RCEEPSS 1.3%CVE-2021-37497CRITICALSQL injection vulnerability in route of PbootCMS 3.0.5 allows remote attackers to run arbitrary SQL commands via crafted GET request.EPSS 1.3%CVE-2017-9443HIGHBigTree CMS through 4.2.18 allows remote authenticated users to conduct SQL injection attacks via a crafted tables object in manifest.json iEPSS 1.3%CVE-2021-24778—Tradetracker-Store < 4.6.60 - Admin+ SQL InjectionEPSS 1.3%CVE-2021-24143—AccessPress Social Icons < 1.8.1 - Authenticated SQL InjectionEPSS 1.3%CVE-2021-4208—ExportFeed <= 2.0.1.0 - Admin+ SQL InjectionEPSS 1.3%CVE-2022-0267—AdRotate < 5.8.22 - Admin+ SQL InjectionEPSS 1.3%CVE-2021-24181—Tutor LMS < 1.7.7 - SQL Injection via tutor_mark_answer_as_correctEPSS 1.3%CVE-2021-24185—Tutor LMS < 1.7.7 - SQL Injection via tutor_place_ratingEPSS 1.3%CVE-2021-24186—Tutor LMS < 1.8.3 - SQL Injection via tutor_answering_quiz_question/get_answer_by_idEPSS 1.3%CVE-2026-44680HIGHMikroORM: SQL injection via runtime-controlled identifiers and JSON-path keysEPSS 1.3%CVE-2020-3936CRITICALUnisoon UltraLog Express - SQL InjectionEPSS 1.2%CVE-2021-1222MEDIUMCisco Smart Software Manager Satellite SQL Injection VulnerabilityEPSS 1.2%CVE-2023-48118CRITICALSQL Injection vulnerability in Quest Analytics LLC IQCRM v.2023.9.5 allows a remote attacker to execute arbitrary code via a crafted requestEPSS 1.2%CVE-2020-29168CRITICALSQL Injection vulnerability in Projectworlds Online Doctor Appointment Booking System, allows attackers to gain sensitive information via thEPSS 1.2%CVE-2025-22214MEDIUMLandray EIS 2001 through 2006 allows Message/fi_message_receiver.aspx?replyid= SQL injection.EPSS 1.2%CVE-2017-11161—Multiple SQL injection vulnerabilities in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allow remote attackers to execute arbitrary EPSS 1.2%