CWE-89 vulnerabilities
11,704 results

CVE-2024-35275 | MEDIUM | An improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2 | EPSS 0.8%
CVE-2023-5437 | HIGH | WP fade in text news <= 12.0 - Authenticated (Subscriber+) SQL Injection via Shortcode | EPSS 0.8%
CVE-2024-7219 | MEDIUM | SourceCodester/Campcodes School Log Management System ajax.php sql injection | EPSS 0.8%
CVE-2023-27203 | CRITICAL | Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /billing/home.php. | EPSS 0.8%
CVE-2022-42245 | CRITICAL | Dreamer CMS 4.0.01 is vulnerable to SQL Injection. | EPSS 0.8%
CVE-2024-29302 | HIGH | SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection via update-employee.php. | EPSS 0.8%
CVE-2023-5634 | CRITICAL | SQLi in ArslanSoft's Education Portal | EPSS 0.8%
CVE-2014-125091 | MEDIUM | codepeople cp-polls Plugin cp-admin-int-message-list.inc.php sql injection | EPSS 0.8%
CVE-2023-30077 | CRITICAL | Judging Management System v1.0 by oretnom23 was discovered to be vulnerable to SQL injection via /php-jms/review_result.php?mainevent_id=, main | EPSS 0.8%
CVE-2023-27202 | CRITICAL | Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /kruxton/receipt.php. | EPSS 0.8%
CVE-2024-5984 | MEDIUM | itsourcecode Online Bookstore book.php sql injection | EPSS 0.8%
CVE-2022-43213 | CRITICAL | Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editorder.php. | EPSS 0.8%
CVE-2024-25866 | HIGH | A SQL Injection vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary SQL comma | EPSS 0.8%
CVE-2024-25469 | HIGH | SQL Injection vulnerability in CRMEB crmeb_java v.1.3.4 and before allows a remote attacker to obtain sensitive information via the latitude | EPSS 0.8%
CVE-2024-24213 | CRITICAL | Supabase PostgreSQL v15.1 was discovered to contain a SQL injection vulnerability via the component /pg_meta/default/query. NOTE: the vendor | EPSS 0.8%
CVE-2022-20786 | MEDIUM | Cisco Unified Communications Manager IM & Presence Service SQL Injection Vulnerability | EPSS 0.8%
CVE-2023-5265 | MEDIUM | Tongda OA 2017 delete.php sql injection | EPSS 0.8%
CVE-2024-25239 | CRITICAL | SQL Injection vulnerability in Sourcecodester Employee Management System v1.0 allows attackers to run arbitrary SQL commands via crafted POS | EPSS 0.8%
CVE-2023-5261 | MEDIUM | Tongda OA 2017 delete.php sql injection | EPSS 0.8%
CVE-2023-5267 | MEDIUM | Tongda OA 2017 delete.php sql injection | EPSS 0.8%