Fallos del tipo CWE-89

11.622 resultados
CVE-2022-45889HIGHPlanet eStream before 6.72.10.07 allows a remote attacker (who is a publisher or admin) to obtain access to all records stored in the databaEPSS 1.3%CVE-2021-24777Hotscot Contact Form < 1.3 - Admin+ SQL InjectionEPSS 1.3%CVE-2024-46257MEDIUMA Command injection vulnerability in requestLetsEncryptSslWithDnsChallenge in NginxProxyManager 2.11.3 allows an attacker to achieve remote EPSS 1.3%CVE-2021-25068Sync WooCommerce Product feed to Google Shopping <= 1.2.4 - Admin+ SQLiEPSS 1.3%CVE-2025-3096CRITICALClinics Patient Management System SQL InjectionEPSS 1.3%CVE-2025-27709HIGHSQL InjectionEPSS 1.3%CVE-2025-36528HIGHSQL InjectionEPSS 1.3%CVE-2025-41444HIGHSQL InjectionEPSS 1.3%CVE-2021-24774Check & Log Email < 1.0.3 - Admin+ SQL InjectionsEPSS 1.3%CVE-2021-24860BSK PDF Manager < 3.1.2 - Admin+ SQL InjectionEPSS 1.3%CVE-2021-24861Quotes Collection <= 2.5.2 - Admin+ SQL InjectionEPSS 1.3%CVE-2021-24889Ninja Forms < 3.6.4 - Admin+ SQL InjectionEPSS 1.3%CVE-2024-54960MEDIUMA SQL Injection vulnerability in Nagios XI 2024R1.2.2 allows a remote attacker to execute SQL injection via a crafted payload in the HistoryEPSS 1.3%CVE-2022-0190Ad Invalid Click Protector (AICP) < 1.2.6 - Authenticated SQL InjectionEPSS 1.3%CVE-2022-35156CRITICALBus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at /buspassms/download-pEPSS 1.3%CVE-2023-52335HIGHAdvantech iView ConfigurationServlet SQL Injection Information Disclosure VulnerabilityEPSS 1.3%CVE-2025-5569MEDIUMIdeaCMS getList.html Goods sql injectionEPSS 1.3%CVE-2022-1800Export any WordPress data to XML/CSV < 1.3.5 - Admin+ SQL InjectionEPSS 1.3%CVE-2022-0887Easy Social Icons < 3.1.4 - Admin+ SQL InjectionEPSS 1.3%CVE-2021-32790MEDIUMBlind SQL Injection possible via Authenticated Web-hook Search API EndpointEPSS 1.3%