Fallos del tipo CWE-89

11.767 resultados
CVE-2024-2478MEDIUMBradWenqiang HR Background Management register selectAll sql injectionEPSS 0.6%CVE-2022-25775MEDIUMSQL Injection in dynamic ReportsEPSS 0.6%CVE-2024-0558MEDIUMDedeBIZ makehtml_freelist_action.php sql injectionEPSS 0.6%CVE-2024-41237CRITICALA SQL injection vulnerability in /smsa/teacher_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to executeEPSS 0.6%CVE-2024-6735MEDIUMitsourcecode Tailoring Management System setgeneral.php sql injectionEPSS 0.6%CVE-2024-25845CRITICALIn the module "CD Custom Fields 4 Orders" (cdcustomfields4orders) <= 1.0.0 from Cleanpresta.com for PrestaShop, a guest can perform SQL injeEPSS 0.6%CVE-2025-50567CRITICALSaurus CMS Community Edition 4.7.1 contains a vulnerability in the custom DB::prepare() function, which uses preg_replace() with the deprecaEPSS 0.6%CVE-2024-25526HIGHRuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the project_id parameter at /ProjectManage/pm_gatt_incEPSS 0.6%CVE-2018-25057MEDIUMsimple_php_link_shortener index.php sql injectionEPSS 0.6%CVE-2024-56047HIGHWordPress WPLMS plugin < 1.9.9.5.3 - Subscriber+ SQL Injection vulnerabilityEPSS 0.6%CVE-2024-0730MEDIUMProject Worlds Online Time Table Generator course_ajax.php sql injectionEPSS 0.6%CVE-2025-44033CRITICALSQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the allDirector() method declaraEPSS 0.6%CVE-2024-0729MEDIUMForU CMS cms_admin.php sql injectionEPSS 0.6%CVE-2024-51165HIGHSQL injection vulnerability in JEPAAS7.2.8, via /je/rbac/rbac/loadLoginCount in the dateVal parameter, which could allow a remote user to suEPSS 0.6%CVE-2024-50833LOWA SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System Project 1.0 via the username and password paEPSS 0.6%CVE-2022-2577MEDIUMSourceCodester Garage Management System edituser.php sql injectionEPSS 0.6%CVE-2025-1641MEDIUMBenner ModernaNet GetHorariosDoDia sql injectionEPSS 0.6%CVE-2024-8223MEDIUMSourceCodester Music Gallery Site Master.php sql injectionEPSS 0.6%CVE-2024-8220MEDIUMitsourcecode Tailoring Management System staffedit.php sql injectionEPSS 0.6%CVE-2024-53808HIGHWordPress NEX-Forms plugin <= 8.7.8 - SQL Injection vulnerabilityEPSS 0.6%