Fallos del tipo CWE-89

11.610 resultados

CVE-2025-34038HIGHWeaver E-cology SQL InjectionEPSS 1.8%CVE-2026-41641HIGHNocoBase Vulnerable to SQL Validation Bypass via `sqlCollection:update` Missing `checkSQL` CallEPSS 1.8%CVE-2021-24361—GeoDirectory Location Manager < 2.1.0.10 - Multiple Unauthenticated SQL InjectionsEPSS 1.8%CVE-2022-2067HIGHSQL Injection in francoisjacquet/rosariosisEPSS 1.8%CVE-2016-10551—waterline-sequel is a module that helps generate SQL statements for Waterline apps Any user input that goes into Waterline's `like`, `contaiEPSS 1.8%CVE-2022-0694—Advanced Booking Calendar < 1.7.0 - Unauthenticated SQL InjectionEPSS 1.8%CVE-2026-42031HIGHCKAN: Unauthenticated SQL Injection and Authorization Bypass in `datastore_search_sql`EPSS 1.8%CVE-2020-6145MEDIUMAn SQL injection vulnerability exists in the frappe.desk.reportview.get functionality of ERPNext 11.1.38. A specially crafted HTTP request cEPSS 1.8%CVE-2020-6125MEDIUMAn exploitable SQL injection vulnerability exists in the GetSchool.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request EPSS 1.8%CVE-2020-6135MEDIUMAn exploitable SQL injection vulnerability exists in the Validator.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request EPSS 1.8%CVE-2020-6136MEDIUMAn exploitable SQL injection vulnerability exists in the DownloadWindow.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP reqEPSS 1.8%CVE-2021-36916HIGHWordPress Hide My WP premium plugin <= 6.2.3 - Unauthenticated SQL injection (SQLi) vulnerabilityEPSS 1.8%CVE-2021-41147HIGHSQL injection in the planning edition panelEPSS 1.8%CVE-2020-36869HIGHNagios XI < 5.7.5 SQL injection via SNMP Trap Interface Edit PageEPSS 1.8%CVE-2024-31460MEDIUMCacti SQL Injection vulnerability in lib/api_automation.php caused by reading dirty data stored in databaseEPSS 1.8%CVE-2019-5476—An SQL Injection in the Nextcloud Lookup-Server < v0.3.0 (running on https://lookup.nextcloud.com) caused unauthenticated users to be able tEPSS 1.8%CVE-2023-0938MEDIUMSourceCodester Music Gallery Site GET Request music_list.php sql injectionEPSS 1.8%CVE-2022-1505CRITICALRSVPMaker <= 9.2.6 - Unauthenticated SQL InjectionEPSS 1.8%CVE-2020-6128MEDIUMSQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL EPSS 1.8%CVE-2022-34872MEDIUMThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Centreon. Authentication is requirEPSS 1.8%

← anteriorpágina 37 / 581siguiente →