Fallos del tipo CWE-89
11.605 resultadosCVE-2023-43373CRITICALHoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the n_utente_agg parameter at /hoteldruid/interconnessioni.phpEPSS 3.8%CVE-2021-22859CRITICALEIC e-document system - SQL InjectionEPSS 3.8%CVE-2024-11305MEDIUMAltenergy Power Control Software status_zigbee get_status_zigbee sql injectionEPSS 3.7%CVE-2022-44291CRITICALwebTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php.EPSS 3.7%CVE-2022-44290CRITICALwebTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php.EPSS 3.7%CVE-2022-3481CRITICALWooCommerce Dropshipping < 4.4 - Unauthenticated SQLiEPSS 3.7%CVE-2025-10184HIGHOnePlus OxygenOS Telephony provider permission bypassEPSS 3.7%CVE-2023-33338CRITICALOld Age Home Management 1.0 is vulnerable to SQL Injection via the username parameter.EPSS 3.7%CVE-2018-15441CRITICALCisco Prime License Manager SQL Injection VulnerabilityEPSS 3.7%CVE-2024-8484HIGHREST API TO MiniProgram <= 4.7.1 - Unauthenticated SQL InjectionEPSS 3.6%CVE-2024-33559CRITICALWordPress XStore theme <= 9.3.5 - Unauthenticated SQL Injection vulnerabilityEPSS 3.6%CVE-2017-3221—Blind SQL injection in Inmarsat AmosConnect 8 login form allows remote attackers to access user credentials, including user names and passwoEPSS 3.5%CVE-2017-6050—A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. The application fails to properly validate user inpuEPSS 3.5%CVE-2024-12270HIGHBeautiful Taxonomy Filters <= 2.4.3 - Unauthenticated SQL InjectionEPSS 3.5%CVE-2022-1531CRITICALSQL injection vulnerability in ARAX-UI Synonym Lookup functionality in rtxteam/rtxEPSS 3.5%CVE-2021-38391—A Blind SQL injection vulnerability exists in the /DataHandler/AM/AM_Handler.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 andEPSS 3.5%CVE-2024-5827CRITICALArbitrary File Write by Prompt Injection via DuckDB SQL in vanna-ai/vannaEPSS 3.5%CVE-2023-34754CRITICALbloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the pid parameter at admin/index.php?mode=settings&page=pluginsEPSS 3.4%CVE-2022-2467HIGHSourceCodester Garage Management System login.php sql injectionEPSS 3.4%CVE-2021-27468CRITICALRockwell Automation FactoryTalk AssetCentre SQL InjectionEPSS 3.4%