Fallos del tipo CWE-89
11.633 resultadosCVE-2021-21932HIGHA specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘name_filterEPSS 1.1%CVE-2021-21931HIGHA specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at‘ stat_filter’ parameter to tEPSS 1.1%CVE-2021-21927HIGHA specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilitieEPSS 1.1%CVE-2021-21935HIGHA specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability aEPSS 1.1%CVE-2024-55976CRITICALWordPress Critical Site Intel plugin <= 1.0 - SQL Injection vulnerabilityEPSS 1.1%CVE-2021-21925HIGHA specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilitieEPSS 1.1%CVE-2021-21928HIGHA specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at ‘mac_filter’ parameter to trEPSS 1.1%CVE-2021-21934HIGHA specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘imei_filterEPSS 1.1%CVE-2021-21933HIGHA specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘esn_filter’EPSS 1.1%CVE-2021-21929HIGHA specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at ‘prod_filter’ parameter to tEPSS 1.1%CVE-2020-3339MEDIUMCisco Prime Infrastructure SQL Injection VulnerabilityEPSS 1.1%CVE-2020-20914CRITICALSQL Injection vulnerability found in San Luan PublicCMS v.4.0 allows a remote attacker to execute arbitrary code via the sql parameter.EPSS 1.1%CVE-2020-20915CRITICALSQL Injection vulnerability found in PublicCMS v.4.0 allows a remote attacker to execute arbitrary code via sql parameter of the the SysSiteEPSS 1.1%CVE-2023-30944MEDIUMMoodle: minor sql injection risk in external wiki method for listing pagesEPSS 1.1%CVE-2023-26860HIGHSQL injection vulnerability found in PrestaShop Igbudget v.1.0.3 and before allow a remote attacker to gain privileges via the LgBudgetBudgeEPSS 1.1%CVE-2024-6172CRITICALEmail Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce <= 5.7.25 - Unauthenticated SQL Injection via unsubscribeEPSS 1.1%CVE-2020-6960—The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMEPSS 1.1%CVE-2022-1371CRITICALDelta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegf. This allows an aEPSS 1.1%CVE-2022-1369CRITICALDelta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegIND. This allows anEPSS 1.1%CVE-2022-1375CRITICALDelta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in DIAE_slogHandler.ashx. ThiEPSS 1.1%