Fallos del tipo CWE-89
11.837 resultadosCVE-2019-25543HIGHNetartmedia Real Estate Portal 5.0 SQL Injection via index.phpEPSS 0.5%CVE-2025-26186HIGHSQL Injection vulnerability in openSIS v.9.1 allows a remote attacker to execute arbitrary code via the id parameter in Ajax.phpEPSS 0.5%CVE-2025-40735HIGHA vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected devices are vulnerable to SQL injection. This could allEPSS 0.5%CVE-2019-25542HIGHNetartmedia Real Estate Portal 5.0 SQL Injection via index.phpEPSS 0.5%CVE-2024-11714MEDIUMWP Job Portal <= 2.2.2 - Authenticated (Admin+) SQL Injection via getFieldsForVisibleCombobox()EPSS 0.5%CVE-2024-11710MEDIUMWP Job Portal <= 2.2.2 - Authenticated (Admin+) SQL InjectionEPSS 0.5%CVE-2024-11713MEDIUMWP Job Portal <= 2.2.2 - Authenticated (Admin+) SQL Injection via wpjobportal_deactivate()EPSS 0.5%CVE-2026-28805HIGHOpenSTAManager: Time-Based Blind SQL Injection via `options[stato]` ParameterEPSS 0.5%CVE-2024-53807HIGHWordPress WP Mailster plugin <= 1.8.16.0 - SQL Injection vulnerabilityEPSS 0.5%CVE-2026-34099CRITICALGuardian Language-System Unauthenticated SQL Injection via id Parameter in job_info.phpEPSS 0.5%CVE-2025-28009CRITICALA SQL Injection vulnerability exists in the `u` parameter of the progress-body-weight.php endpoint of Dietiqa App v1.0.20.EPSS 0.5%CVE-2024-2386HIGHWordPress Plugin for Google Maps – WP MAPS <= 4.6.1 - Authenticated (Contributor+) SQL InjectionEPSS 0.5%CVE-2024-13475HIGHSmall Package Quotes – UPS Edition <= 4.5.16 - Unauthenticated SQL InjectionEPSS 0.5%CVE-2025-30971CRITICALWordPress XV Random Quotes plugin <= 2.0.0 - SQL Injection vulnerabilityEPSS 0.5%CVE-2024-12067MEDIUMWP Travel – Ultimate Travel Booking System, Tour Management Engine <= 10.0.0 - Authenticated (Subscriber+) SQL InjectionEPSS 0.5%CVE-2024-28560MEDIUMSQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the deleteArea() function of tEPSS 0.5%CVE-2025-56162MEDIUMYOSHOP 2.0 suffers from an unauthenticated SQL injection in the goodsIds parameter of the /api/goods/listByIds endpoint. The getListByIds fuEPSS 0.5%CVE-2024-47325HIGHWordPress Multiple Page Generator Plugin – MPG plugin <= 3.4.7 - SQL Injection vulnerabilityEPSS 0.5%CVE-2024-5793HIGHHouzez Theme - Functionality <= 3.2.2 - Authenticated (Seller+) SQL InjectionEPSS 0.5%CVE-2024-43941CRITICALWordPress Propovoice Pro plugin <= 1.7.0.3 - Unauthenticated SQL Injection vulnerabilityEPSS 0.5%