Fallos del tipo CWE-89
11.677 resultadosCVE-2021-33948CRITICALSQL injection vulnerability in FantasticLBP Hotels Server v1.0 allows attacker to execute arbitrary code via the username parameter.EPSS 0.8%CVE-2021-24555—Diary & Availability Calendar <= 1.0.3 - Authenticated (subscriber+) SQL InjectionEPSS 0.8%CVE-2022-44379HIGHAutomotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_service.EPSS 0.8%CVE-2022-40097HIGHOnline Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_EPSS 0.8%CVE-2022-44413HIGHAutomotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/mechanics/manage_mechanic.php?id=.EPSS 0.8%CVE-2022-46950HIGHDynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?actiEPSS 0.8%CVE-2022-44137HIGHSourceCodester Sanitization Management System 1.0 is vulnerable to SQL Injection.EPSS 0.8%CVE-2022-40353HIGHOnline Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/up_bookEPSS 0.8%CVE-2022-40927HIGHOnline Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_designation.EPSS 0.8%CVE-2022-40928HIGHOnline Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_application.EPSS 0.8%CVE-2022-40403HIGHWedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/feature_edit.php.EPSS 0.8%CVE-2022-46946HIGHHelmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deleteEPSS 0.8%CVE-2022-44393HIGHSanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=services/view_service&id=.EPSS 0.8%CVE-2022-43066HIGHOnline Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms/classes/EPSS 0.8%CVE-2022-40354HIGHOnline Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_EPSS 0.8%CVE-2022-43350HIGHSanitization Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php-sms/classes/Master.EPSS 0.8%CVE-2022-42143HIGHOpen Source SACCO Management System v1.0 is vulnerable to SQL Injection via /sacco_shield/manage_payment.php.EPSS 0.8%CVE-2024-1990HIGHRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 5.3.1.0 - Authenticated (Contributor+) SQL Injection via ShortcodeEPSS 0.8%CVE-2022-43352HIGHSanitization Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php-sms/classes/Master.EPSS 0.8%CVE-2022-44415HIGHAutomotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/mechanics/view_mechanic.php?id=.EPSS 0.8%