Fallos del tipo CWE-89

11.837 resultados
CVE-2024-43976CRITICALWordPress Super Store Finder plugin <= 6.9.7 - SQL Injection vulnerabilityEPSS 0.5%CVE-2025-10011MEDIUMPortabilis i-Educar edit sql injectionEPSS 0.5%CVE-2025-11312MEDIUMTipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 findModulePage.do findModulePage sql injectionEPSS 0.5%CVE-2026-4817MEDIUMMasterStudy LMS <= 3.7.25 - Authenticated (Subscriber+) Time-based Blind SQL Injection via 'order' and 'orderby' ParametersEPSS 0.5%CVE-2025-1855MEDIUMPHPGurukul Online Shopping Portal product-details.php sql injectionEPSS 0.5%CVE-2025-11911MEDIUMShenzhen Ruiming Technology Streamax Crocus DeviceFault.do Query sql injectionEPSS 0.5%CVE-2024-33960CRITICALSQL injection in Janobe productsEPSS 0.5%CVE-2026-40906CRITICALElectric: SQL Injection via ORDER BY Parameter in Shape APIEPSS 0.5%CVE-2024-41702CRITICALSiberianCMS – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')EPSS 0.5%CVE-2024-7278MEDIUMitsourcecode Alton Management System team_save.php sql injectionEPSS 0.5%CVE-2025-11912MEDIUMShenzhen Ruiming Technology Streamax Crocus DeviceState.do Query sql injectionEPSS 0.5%CVE-2025-11910MEDIUMShenzhen Ruiming Technology Streamax Crocus MemoryState.do query sql injectionEPSS 0.5%CVE-2025-13673HIGHTutor LMS <= 3.9.6 - Unauthenticated SQL Injection via coupon_codeEPSS 0.5%CVE-2024-2338HIGHSQL Injection in PostgreSQL Anonymizer 1.2 allows table owner to gain superuser privileges via masking ruleEPSS 0.5%CVE-2025-11909MEDIUMShenzhen Ruiming Technology Streamax Crocus RepairRecord.do queryLast sql injectionEPSS 0.5%CVE-2023-3864HIGHSQL injection vulnerability in Snow License ManagerEPSS 0.5%CVE-2024-13234HIGHProduct Table by WBW <= 2.1.2 - Unuthenticated SQL InjectionEPSS 0.5%CVE-2024-13426MEDIUMWP-Polls <= 2.77.2 - Unauthenticated SQL Injection to Stored Cross-Site ScriptingEPSS 0.5%CVE-2025-44034HIGHSQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the alph parameters in src/main/EPSS 0.5%CVE-2025-27617MEDIUMPimcore Vulnerable to SQL Injection in getRelationFilterConditionEPSS 0.5%