Fallos del tipo CWE-89

11.706 resultados
CVE-2025-55444CRITICALA SQL injection vulnerability exists in the id2 parameter of the cancel_booking.php page in Online Artwork and Fine Arts MCA Project 1.0. A EPSS 0.8%CVE-2023-48738CRITICALWordPress Porto Theme - Functionality Plugin < 2.12.1 is vulnerable to SQL InjectionEPSS 0.8%CVE-2024-1893HIGHEasy Property Listings <= 3.5.2 - Authenticated(Contributor+) SQL Injection via ShortcodeEPSS 0.8%CVE-2023-5663HIGHNews Announcement Scroll <= 9.0.0 - Authenticated (Contributor+) SQL Injection via ShortcodeEPSS 0.8%CVE-2024-3226HIGHCampcodes Online Patient Record Management System login.php sql injectionEPSS 0.8%CVE-2022-45330HIGHAeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Category parameter at \category.php. This vulnerability allowEPSS 0.8%CVE-2023-23660HIGHWordPress MainWP Maintenance Extension Plugin <= 4.1.1 is vulnerable to SQL InjectionEPSS 0.8%CVE-2022-45331HIGHAeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the p_id parameter at \post.php. This vulnerability allows attackEPSS 0.8%CVE-2017-20130MEDIUMItech Real Estate Script search_property.php sql injectionEPSS 0.8%CVE-2017-20131MEDIUMItech News Portal information.php sql injectionEPSS 0.8%CVE-2024-20536HIGHCisco Nexus Dashboard Fabric Controller SQL Injection VulnerabilityEPSS 0.8%CVE-2024-26262HIGHEBM Technologies Uniweb/SoliPACS WebServer - SQL InjectionEPSS 0.8%CVE-2024-6027CRITICALThemify - WooCommerce Product Filter <= 1.4.9 - Unauthenticated SQL Injection via conditions ParameterEPSS 0.8%CVE-2024-3767MEDIUMPHPGurukul News Portal edit-post.php sql injectionEPSS 0.8%CVE-2022-1078HIGHSourceCodester College Website Management System sql injectionEPSS 0.8%CVE-2024-12884MEDIUMCodezips E-Commerce Website login.php sql injectionEPSS 0.8%CVE-2021-32704HIGHImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in dhis2-coreEPSS 0.8%CVE-2024-24002CRITICALjshERP v3.3 is vulnerable to SQL Injection. The com.jsh.erp.controller.MaterialController: com.jsh.erp.utils.BaseResponseInfo getListWithStoEPSS 0.8%CVE-2023-37931HIGHAn improper neutralization of special elements used in an sql command ('sql injection') vulnerability [CWE-88] in FortiVoice Entreprise versEPSS 0.8%CVE-2022-36276CRITICALSQL injection vulnerability in TCMAN GIMEPSS 0.8%