Fallos del tipo CWE-89
11.609 resultadosCVE-2022-34878MEDIUMVICIDial 2.14b0.5 SVN 3550 was discovered to contain a SQL injection vulnerability at /vicidial/user_stats.php.EPSS 2.7%CVE-2022-27479—SQL injection vulnerability in chart data APIEPSS 2.7%CVE-2021-36520HIGHA SQL injection vulnerability in I-Tech Trainsmart r1044 exists via a evaluation/assign-evaluation?id= URI.EPSS 2.7%CVE-2022-34877MEDIUMVICIDial 2.14b0.5 SVN 3550 was discovered to contains a SQL injection vulnerability at /vicidial/AST_agent_time_sheet.php.EPSS 2.7%CVE-2022-45030HIGHA SQL injection vulnerability in rConfig 3.9.7 exists via lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command= (this may interact with securEPSS 2.7%CVE-2023-30192CRITICALPrestashop possearchproducts 1.7 is vulnerable to SQL Injection via PosSearch::find().EPSS 2.7%CVE-2022-27596CRITICALVulnerability in QTSEPSS 2.7%CVE-2024-0705CRITICALStripe Payment Plugin for WooCommerce <= 3.7.9 - Unauthenticated SQL InjectionEPSS 2.7%CVE-2020-6139CRITICALSQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The username_stf_email parameter in the passworEPSS 2.6%CVE-2020-6137CRITICALSQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The password_stf_email parameter in the passworEPSS 2.6%CVE-2020-6138CRITICALSQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The uname parameter in the password reset page EPSS 2.6%CVE-2020-6140CRITICALSQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The password_stf_email parameter in the passworEPSS 2.6%CVE-2025-4396HIGHRelevanssi <= 4.24.4 (Free) and <= 2.27.5 (Premium) - Unauthenticated SQL InjectionEPSS 2.6%CVE-2019-9885CRITICALeClass platform contains a SQL injection vulnerabilityEPSS 2.6%CVE-2020-29493CRITICALDELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacEPSS 2.6%CVE-2024-5057CRITICALWordPress Easy Digital Downloads plugin <= 3.2.12 - SQL Injection vulnerabilityEPSS 2.6%CVE-2021-24132—Slider by 10Web < 1.2.36 - Multiple Authenticated SQL InjectionEPSS 2.6%CVE-2024-44541CRITICALevilnapsis Inventio Lite Versions v4 and before is vulnerable to SQL Injection via the "username" parameter in "/?action=processlogin."EPSS 2.6%CVE-2023-24000HIGHWordPress GamiPress Plugin <= 2.5.7 is vulnerable to SQL InjectionEPSS 2.6%CVE-2024-5678MEDIUMSQL InjectionEPSS 2.5%