Fallos del tipo CWE-89

11.711 resultados
CVE-2022-45206CRITICALJeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/duplicate/check.EPSS 0.8%CVE-2023-2951MEDIUMcode-projects Bus Dispatch and Information System delete_bus.php sql injectionEPSS 0.8%CVE-2024-3456MEDIUMNetentsec NS-ASG Application Security Gateway config_Anticrack.php sql injectionEPSS 0.8%CVE-2022-33960HIGHWordPress Social Share Buttons by Supsystic plugin <= 2.2.3 - Multiple Authenticated SQL Injection (SQLi) vulnerabilitiesEPSS 0.8%CVE-2026-27497CRITICALn8n has Potential Remote Code Execution via Merge NodeEPSS 0.8%CVE-2024-11646MEDIUM1000 Projects Beauty Parlour Management System edit-services.php sql injectionEPSS 0.8%CVE-2023-1100MEDIUMSourceCodester Online Catering Reservation System POST Parameter add_message.php sql injectionEPSS 0.8%CVE-2024-3087HIGHPHPGurukul Emergency Ambulance Hiring Portal Ambulance Tracking Page ambulance-tracking.php sql injectionEPSS 0.8%CVE-2026-48842HIGHRoundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuser_query plugin via a preg_reEPSS 0.8%CVE-2023-49750CRITICALWordPress Couponis Demo Plugin < 2.2 is vulnerable to SQL InjectionEPSS 0.8%CVE-2023-46453CRITICALCertain GL.iNet devices with 4.x firmware allow authentication bypass (resulting in administrative control of the device) via a username thaEPSS 0.8%CVE-2022-1688Note Press <= 0.1.10 - Admin+ SQLi via idEPSS 0.8%CVE-2022-1689Note Press <= 0.1.10 - Admin+ SQLi via UpdateEPSS 0.8%CVE-2022-1686Five Minute Webshop <= 1.3.2 - Admin+ SQLi via idEPSS 0.8%CVE-2022-1684Cube Slider <= 1.2 - Admin+ SQLiEPSS 0.8%CVE-2024-7636MEDIUMcode-projects Simple Ticket Booking Login authenticate.php sql injectionEPSS 0.8%CVE-2022-1690Note Press <= 0.1.10 - Admin+ SQLi via Bulk ActionsEPSS 0.8%CVE-2022-1687Logo Slider <= 1.4.8 - Admin+ SQLiEPSS 0.8%CVE-2025-34162CRITICALBian Que Feijiu Intelligent Emergency and Quality Control System SQL Injection via GetLyfsByParamsEPSS 0.8%CVE-2020-4035MEDIUMDoS or local data modification via malicious record IDs in WatermelonDBEPSS 0.8%