Fallos del tipo CWE-89
11.618 resultadosCVE-2019-5111HIGHExploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. The /appLms/ajax.server.php URL and parameteEPSS 1.4%CVE-2026-2416HIGHGeo Mashup <= 1.13.17 - Unauthenticated SQL Injection via 'sort' ParameterEPSS 1.4%CVE-2022-36193CRITICALSQL injection in School Management System 1.0 allows remote attackers to modify or delete data, causing persistent changes to the applicatioEPSS 1.4%CVE-2017-0914—Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2.4 are vulnerable to a SQL injection in the MilestoneFinder component rEPSS 1.4%CVE-2021-1225MEDIUMCisco SD-WAN vManage SQL Injection VulnerabilitiesEPSS 1.4%CVE-2005-4349MEDIUMSQL injection vulnerability in server_privileges.php in phpMyAdmin 2.7.0 allows remote authenticated users to execute arbitrary SQL commandsEPSS 1.4%CVE-2025-0565MEDIUMZZCMS index.php sql injectionEPSS 1.4%CVE-2019-5114HIGHAn exploitable SQL injection vulnerability exists in the authenticated portion of YouPHPTube 7.6. Specially crafted web requests can cause SEPSS 1.4%CVE-2006-5603CRITICALSQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the RCEPSS 1.4%CVE-2026-5073HIGHARMember Premium <= 7.3.1 - Unauthenticated SQL Injection via 'order' ParameterEPSS 1.4%CVE-2026-3018HIGHNewsletters <= 4.13 - Unauthenticated SQL Injection via wpmlsubscriber_id ParameterEPSS 1.4%CVE-2023-24163CRITICALSQL Inection vulnerability in Dromara hutool before 5.8.21 allows attacker to execute arbitrary code via the aviator template engine.EPSS 1.4%CVE-2021-26636HIGHMaxboard Remote Code ExecutionEPSS 1.4%CVE-2021-21917HIGHAn exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-craftedEPSS 1.4%CVE-2021-21936HIGHA specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability aEPSS 1.4%CVE-2021-21916HIGHAn exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-craftedEPSS 1.4%CVE-2021-21915HIGHAn exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-craftedEPSS 1.4%CVE-2020-36072HIGHSQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the id parameter.EPSS 1.4%CVE-2018-1096—An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. A user could use this flaw to perEPSS 1.4%CVE-2021-24457—Portfolio Responsive Gallery < 1.1.8 - Authenticated Blind SQL InjectionsEPSS 1.4%