Fallos del tipo CWE-89

11.677 resultados
CVE-2022-46946HIGHHelmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deleteEPSS 0.8%CVE-2024-1990HIGHRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 5.3.1.0 - Authenticated (Contributor+) SQL Injection via ShortcodeEPSS 0.8%CVE-2022-43352HIGHSanitization Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php-sms/classes/Master.EPSS 0.8%CVE-2020-13590MEDIUMMultiple exploitable SQL injection vulnerabilities exist in the 'entities/fields' page of the Rukovoditel Project Management App 2.7.2. A spEPSS 0.8%CVE-2021-24555Diary & Availability Calendar <= 1.0.3 - Authenticated (subscriber+) SQL InjectionEPSS 0.8%CVE-2025-62360CRITICALWeGIA SQL Injection via 'id_dependente' param at endpoint `/html/funcionario/dependente_documento.php`EPSS 0.8%CVE-2022-40927HIGHOnline Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_designation.EPSS 0.8%CVE-2022-46952HIGHDynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?actiEPSS 0.8%CVE-2024-3055HIGHUnlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.102 - Authenticated (Contributor+) SQL InjectionEPSS 0.8%CVE-2022-44413HIGHAutomotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/mechanics/manage_mechanic.php?id=.EPSS 0.8%CVE-2022-46947HIGHHelmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deleteEPSS 0.8%CVE-2022-46950HIGHDynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?actiEPSS 0.8%CVE-2022-40353HIGHOnline Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/up_bookEPSS 0.8%CVE-2022-46949HIGHHelmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deleteEPSS 0.8%CVE-2023-2347MEDIUMSourceCodester Service Provider Management System manage_service.php sql injectionEPSS 0.8%CVE-2023-2346MEDIUMSourceCodester Service Provider Management System view_inquiry.php sql injectionEPSS 0.8%CVE-2023-2696MEDIUMSourceCodester Online Exam System POST Parameter data sql injectionEPSS 0.8%CVE-2023-2659MEDIUMSourceCodester Online Computer and Laptop Store view_product.php sql injectionEPSS 0.8%CVE-2023-2693MEDIUMSourceCodester Online Exam System POST Parameter data sql injectionEPSS 0.8%CVE-2023-2694MEDIUMSourceCodester Online Exam System POST Parameter data sql injectionEPSS 0.8%