Fallos del tipo CWE-89

11.826 resultados
CVE-2024-57665CRITICALJFinalCMS 1.0 is vulnerable to SQL Injection in rc/main/java/com/cms/entity/Content.java. The cause of the vulnerability is that the title pEPSS 0.5%CVE-2025-2854MEDIUMcode-projects Payroll Management System update_employee.php sql injectionEPSS 0.5%CVE-2025-5401MEDIUMchaitak-gorai Blogbook GET Parameter post.php sql injectionEPSS 0.5%CVE-2025-5402MEDIUMchaitak-gorai Blogbook GET Parameter edit_post.php sql injectionEPSS 0.5%CVE-2024-6041MEDIUMitsourcecode Gym Management System manage_user.php sql injectionEPSS 0.5%CVE-2025-3267MEDIUMqinguoyi TinyWebServer http_conn.cpp sql injectionEPSS 0.5%CVE-2025-3348MEDIUMcode-projects Patient Record Management System edit_dpatient.php sql injectionEPSS 0.5%CVE-2025-2847MEDIUMCodezips Gym Management System over_month.php sql injectionEPSS 0.5%CVE-2024-53499CRITICALJeewms v3.7 was discovered to contain a SQL injection vulnerability via the CgReportController API.EPSS 0.5%CVE-2025-3134MEDIUMcode-projects Payroll Management System add_overtime.php sql injectionEPSS 0.5%CVE-2025-8500MEDIUMcode-projects Human Resource Integrated System action.php sql injectionEPSS 0.5%CVE-2025-3142MEDIUMSourceCodester Apartment Visitor Management System add-apartment.php sql injectionEPSS 0.5%CVE-2025-65354CRITICALImproper input handling in /Grocery/search_products_itname.php inPuneethReddyHC event-management 1.0 permits SQL injection via the sitem_namEPSS 0.5%CVE-2026-30530CRITICALA SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the save_custoEPSS 0.5%CVE-2024-9475MEDIUMPoll Maker – Versus Polls, Anonymous Polls, Image Polls <= 5.4.6 - Authenticated (Administrator+) SQL Injection via Order_by ParameterEPSS 0.5%CVE-2025-3347MEDIUMcode-projects Patient Record Management System dental_pending.php sql injectionEPSS 0.5%CVE-2025-7155MEDIUMPHPGurukul Online Notes Sharing System Cookie Dashboard sql injectionEPSS 0.5%CVE-2025-25994HIGHSQL Injection vulnerability in FeMiner wms wms 1.0 allows a remote attacker to obtain sensitive information via the parameters date1, date2,EPSS 0.5%CVE-2026-32271HIGHCraft Commerce: SQL Injection can lead to Remote Code Execution via TotalRevenue WidgetEPSS 0.5%CVE-2024-50479CRITICALWordPress Woocommerce Quote Calculator plugin <= 1.1 - SQL Injection vulnerabilityEPSS 0.5%