Fallos del tipo CWE-89

11.622 resultados
CVE-2022-24628HIGHAn issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is authenticated SQL injection in the id parameter EPSS 1.2%CVE-2023-47460HIGHSQL injection vulnerability in Knovos Discovery v.22.67.0 allows a remote attacker to execute arbitrary code via the /DiscoveryProcess/ServiEPSS 1.2%CVE-2021-24142301 Redirects - Easy Redirect Manager < 2.51 - Authenticated SQL InjectionEPSS 1.2%CVE-2021-24877MainWP Child < 4.1.8 - Admin+ SQL InjectionEPSS 1.2%CVE-2024-7808MEDIUMcode-projects Job Portal logindbc.php sql injectionEPSS 1.2%CVE-2022-39041CRITICALaEnrich a+HRD - SQL InjectionEPSS 1.2%CVE-2023-27649HIGHSQL injection vulnerability found in Trusted Tools Free Music v.2.1.0.47, v.2.0.0.46, v.1.9.1.45, v.1.8.2.43 allows a remote attacker to cauEPSS 1.2%CVE-2024-28557CRITICALSQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate pEPSS 1.2%CVE-2020-15108HIGHSQL Injection in glpiEPSS 1.2%CVE-2024-28556CRITICALSQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate pEPSS 1.2%CVE-2022-42098HIGHKLiK SocialMediaWebsite version v1.0.1 is vulnerable to SQL Injection via the profile.php.EPSS 1.2%CVE-2021-24138AdRotate < 5.8.4 - Authenticated SQL InjectionEPSS 1.2%CVE-2021-34249HIGHSQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers to view sensitive information via the id paremetEPSS 1.2%CVE-2024-28595CRITICALSQL Injection vulnerability in Employee Management System v1.0 allows attackers to run arbitrary SQL commands via the admin_id parameter in EPSS 1.2%CVE-2024-42005CRITICALAn issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values() and values_list() methods on models with a JSONFEPSS 1.2%CVE-2021-26634CRITICALMaxboard multiple vulnerabilitiesEPSS 1.2%CVE-2019-1942MEDIUMCisco Identity Services Engine Blind SQL Injection VulnerabilityEPSS 1.2%CVE-2021-31867MEDIUMPimcore Customer Data Framework 'SegmentAssignmentController.php' Blind SQL InjectionEPSS 1.2%CVE-2018-5443A SQL Injection issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. WebAccess/SCADA does not properly sanitizEPSS 1.2%CVE-2020-7577A vulnerability has been identified in Camstar Enterprise Platform (All versions), Opcenter Execution Core (All versions < V8.2). Through thEPSS 1.2%