Fallos del tipo CWE-89

11.636 resultados
CVE-2023-6052MEDIUMTongda OA 2017 delete.php sql injectionEPSS 1.0%CVE-2023-0953HIGHInsufficient input sanitization in the documentation feature of Devolutions Server 2022.3.12 and earlier allows an authenticated attacker toEPSS 1.0%CVE-2015-10099MEDIUMCP Appointment Calendar Plugin dex_appointments.php dex_process_ready_to_go_appointment sql injectionEPSS 1.0%CVE-2023-48901CRITICALA SQL injection vulnerability in tramyardg Autoexpress version 1.3.0, allows remote unauthenticated attackers to execute arbitrary SQL commaEPSS 1.0%CVE-2023-0516MEDIUMSourceCodester Online Tours & Travels Management System Parameter forget_password.php sql injectionEPSS 1.0%CVE-2023-0515MEDIUMSourceCodester Online Tours & Travels Management System Parameter forget_password.php sql injectionEPSS 1.0%CVE-2022-40839HIGHA SQL injection vulnerability in the height and width parameter in NdkAdvancedCustomizationFields v3.5.0 allows unauthenticated attackers toEPSS 1.0%CVE-2024-27298CRITICALParse Server literalizeRegexPart SQL InjectionEPSS 1.0%CVE-2025-49759HIGHMicrosoft SQL Server Elevation of Privilege VulnerabilityEPSS 1.0%CVE-2023-29629CRITICALPrestaShop jmsthemelayout 2.5.5 is vulnerable to SQL Injection via ajax_jmsvermegamenu.php.EPSS 1.0%CVE-2023-29632CRITICALPrestaShop jmspagebuilder 3.x is vulnerable to SQL Injection via ajax_jmspagebuilder.php.EPSS 1.0%CVE-2023-29630CRITICALPrestaShop jmsmegamenu 1.1.x and 2.0.x is vulnerable to SQL Injection via ajax_jmsmegamenu.php.EPSS 1.0%CVE-2021-22852HIGHHGiga OAKloud Portal - SQL injection -2EPSS 1.0%CVE-2017-14807HIGHSQL injection in ui-server/app/models/diary_entry.rb in SUSE Studio onsiteEPSS 1.0%CVE-2021-47693HIGHNagios XI < 5.8.5 Core Config Manager (CCM) SQL Injection via Improper Escaping in Search TextEPSS 1.0%CVE-2022-2269Website File Changes Monitor < 1.8.3 - Admin+ SQLiEPSS 1.0%CVE-2024-5356MEDIUManji-plus AJ-Report testTransform;swagger-ui sql injectionEPSS 1.0%CVE-2023-22900CRITICALThinking Software Technology Co., Ltd. Efence - SQL InjectionEPSS 1.0%CVE-2023-32754CRITICALThinking Software Efence - SQL injectionEPSS 1.0%CVE-2019-5070MEDIUMAn exploitable SQL injection vulnerability exists in the unauthenticated portion of eFront LMS, versions v5.2.12 and earlier. Specially crafEPSS 1.0%