CWE-89 vulnerabilities

11,540 results
CVE-2024-27096 | HIGH | SQL Injection in through the search engine | EPSS 62.7%
CVE-2024-8522 | CRITICAL | LearnPress – WordPress LMS Plugin <= 4.2.7 - Unauthenticated SQL Injection via 'c_only_fields' | EPSS 61.4%
CVE-2018-18982 | NUUO CMS All versions 3.3 and prior the web server application allows injection of arbitrary SQL characters, which can be used to inject SQL | EPSS 60.8%
CVE-2024-43468 | CRITICAL | Microsoft Configuration Manager Remote Code Execution Vulnerability | EPSS 60.7% | KEV
CVE-2023-0631 | Paid Memberships Pro < 2.9.12 - Subscriber+ SQL Injection | EPSS 60.5%
CVE-2024-31456 | HIGH | GLPI contains an authenticated SQL injection | EPSS 59.4%
CVE-2023-23492 | HIGH | The Login with Phone Number WordPress Plugin, version < 1.4.2, is affected by an authenticated SQL injection vulnerability in the 'ID' param | EPSS 57.4%
CVE-2024-3922 | CRITICAL | Dokan Pro <= 3.10.3 - Unauthenticated SQL Injection | EPSS 56.2%
CVE-2025-6970 | HIGH | Events Manager <= 7.0.3 - Unauthenticated SQL Injection via `orderby` Parameter | EPSS 55.7%
CVE-2022-0513 | CRITICAL | WP Statistics <= 13.1.4 Unauthenticated Blind SQL Injection via exclusion_reason | EPSS 53.6%
CVE-2023-44450 | HIGH | NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote Code Execution Vulnerability | EPSS 53.6%
CVE-2024-23116 | HIGH | Centreon updateLCARelation SQL Injection Remote Code Execution Vulnerability | EPSS 53.4%
CVE-2024-23118 | HIGH | Centreon updateContactHostCommands SQL Injection Remote Code Execution Vulnerability | EPSS 53.4%
CVE-2024-23117 | HIGH | Centreon updateContactServiceCommands SQL Injection Remote Code Execution Vulnerability | EPSS 53.4%
CVE-2023-38099 | HIGH | NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote Code Execution Vulnerability | EPSS 52.9%
CVE-2023-44449 | HIGH | NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability | EPSS 52.6%
CVE-2021-36393 | In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses. | EPSS 52.3%
CVE-2023-6567 | CRITICAL | LearnPress <= 4.2.5.7 - Unauthenticated SQL Injection via order_by | EPSS 51.4%
CVE-2024-37843 | HIGH | Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API endpoint. | EPSS 51.3%
CVE-2022-31061 | CRITICAL | SQL injection on login page in GLPI | EPSS 50.9%