Fallos del tipo CWE-89

11.739 resultados
CVE-2024-25223CRITICALSimple Admin Panel App v1.0 was discovered to contain a SQL injection vulnerability via the orderID parameter at /adminView/viewEachOrder.phEPSS 0.6%CVE-2024-0594HIGHAwesome Support – WordPress HelpDesk & Support Plugin <= 6.1.7 - Authenticated (Subscriber+) SQL InjectionEPSS 0.6%CVE-2024-10167MEDIUMCodezips Sales Management System deletecustind.php sql injectionEPSS 0.6%CVE-2024-10737MEDIUMCodezips Free Exam Hall Seating Management System teacher.php sql injectionEPSS 0.6%CVE-2025-41375CRITICALSQL Injection in LimesurveyEPSS 0.6%CVE-2024-25247CRITICALSQL Injection vulnerability in /app/api/controller/Store.php in Niushop B2B2C V5 allows attackers to run arbitrary SQL commands via latitudeEPSS 0.6%CVE-2017-20172MEDIUMridhoq soundslike songs.py get_song_relations sql injectionEPSS 0.6%CVE-2024-8415MEDIUMSourceCodester Food Ordering Management System add-ticket.php sql injectionEPSS 0.6%CVE-2023-30872HIGHWordPress BSK Forms Blacklist Plugin <= 3.6.2 is vulnerable to SQL InjectionEPSS 0.6%CVE-2024-6190MEDIUMitsourcecode Farm Management System Login index.php sql injectionEPSS 0.6%CVE-2024-24017HIGHA SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass crafted offset, limit, and sort paramEPSS 0.6%CVE-2024-5311CRITICALDigiWin EasyFlow .NET - SQL InjectionEPSS 0.6%CVE-2025-2661MEDIUMProject Worlds Online Time Table Generator index.php sql injectionEPSS 0.6%CVE-2025-0340MEDIUMcode-projects Cinema Seat Reservation System deleteBooking.php sql injectionEPSS 0.6%CVE-2024-47977HIGHDell Avamar, versions prior to 19.12 with patch 338905, excluding 19.10 and 19.10SP1 with patch 338869, contains an Improper Neutralization EPSS 0.6%CVE-2024-9971HIGHNewType FlowMaster BPM Plus - SQL InjectionEPSS 0.6%CVE-2024-9968HIGHNewType WebEIP v3.0 - SQL injectionEPSS 0.6%CVE-2025-63624CRITICALSQL Injection vulnerability in Shandong Kede Electronics Co., Ltd IoT smart water meter monitoring platform v.1.0 allows a remote attacker tEPSS 0.6%CVE-2024-22628HIGHBudget and Expense Tracker System v1.0 is vulnerable to SQL Injection via /expense_budget/admin/?page=reports/budget&date_start=2023-12-28&dEPSS 0.6%CVE-2023-33178MEDIUMSensitive Information Disclosure abusing SQL Injection in Xibo CMS dataset filterEPSS 0.6%