CWE-89 vulnerabilities

11,608 results
CVE-2022-24281 | HIGH | A vulnerability has been identified in SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). A privileged authenticated attac | EPSS 3.4%
CVE-2024-24112 | CRITICAL | xmall v1.1 was discovered to contain a SQL injection vulnerability via the orderDir parameter. | EPSS 3.3%
CVE-2022-33965 | CRITICAL | WordPress WP Visitor Statistics plugin <= 5.7 - Multiple Unauthenticated SQL Injection (SQLi) vulnerabilities | EPSS 3.3%
CVE-2021-27464 | CRITICAL | Rockwell Automation FactoryTalk AssetCentre SQL Injection | EPSS 3.3%
CVE-2023-33439 | HIGH | Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_task.php?id=. | EPSS 3.3%
CVE-2024-37393 | CRITICAL | Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. An unauth | EPSS 3.3%
CVE-2019-15985 | HIGH | Cisco Data Center Network Manager SQL Injection Vulnerabilities | EPSS 3.3%
CVE-2024-32841 | HIGH | SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authentic | EPSS 3.3%
CVE-2024-32839 | HIGH | SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authentic | EPSS 3.3%
CVE-2023-27638 | CRITICAL | An issue was discovered in the tshirtecommerce (aka Custom Product Designer) component 2.1.4 for PrestaShop. An HTTP request can be forged w | EPSS 3.3%
CVE-2023-27637 | CRITICAL | An issue was discovered in the tshirtecommerce (aka Custom Product Designer) component 2.1.4 for PrestaShop. An HTTP request can be forged w | EPSS 3.3%
CVE-2023-43374 | CRITICAL | Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the id_utente_log parameter at /hoteldruid/personalizza.php. | EPSS 3.3%
CVE-2025-65093 | MEDIUM | LibreNMS is vulnerable to SQL Injection (Boolean-Based Blind) in hostname parameter in ajax_output.php endpoint | EPSS 3.2%
CVE-2023-29849 | HIGH | Bang Resto 1.0 was discovered to contain multiple SQL injection vulnerabilities via the btnMenuItemID, itemID, itemPrice, menuID, staffID, o | EPSS 3.2%
CVE-2022-3158 | HIGH | Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an input validation vulnerability. The F | EPSS 3.2%
CVE-2024-1207 | CRITICAL | Booking Calendar <= 9.9 - Unauthenticated SQL Injection | EPSS 3.2%
CVE-2024-37381 | HIGH | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2024 flat allows an authenticated attacker within the same network t | EPSS 3.1%
CVE-2024-1751 | HIGH | Tutor LMS – eLearning and online course solution <= 2.6.1 - Authenticated (Subscriber+) SQL Injection | EPSS 3.1%
CVE-2024-36518 | HIGH | SQL Injection | EPSS 3.1%
CVE-2024-38871 | HIGH | SQL Injection | EPSS 3.1%