CWE-89 vulnerabilities
11,636 results

CVE-2024-50327 | HIGH | SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authentic | EPSS 1.0%
CVE-2023-30016 | CRITICAL | SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensit | EPSS 1.0%
CVE-2023-30014 | CRITICAL | SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensit | EPSS 1.0%
CVE-2023-30015 | CRITICAL | SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensit | EPSS 1.0%
CVE-2022-38922 | CRITICAL | BluePage CMS thru 3.9 processes an insufficiently sanitized HTTP Header Cookie value allowing MySQL Injection in the 'users-cookie-settings' | EPSS 1.0%
CVE-2020-15226 | MEDIUM | SQL Injection in GLPI Search API | EPSS 1.0%
CVE-2023-24685 | HIGH | ChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the Event parameter under the Event Attendance report | EPSS 1.0%
CVE-2024-25422 | CRITICAL | SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the SEMC | EPSS 1.0%
CVE-2024-4351 | HIGH | Tutor LMS Pro <= 2.7.0 - Missing Authorization to Privilege Escalation | EPSS 1.0%
CVE-2025-8296 | HIGH | SQL injection in Ivanti Avalanche before version 6.4.8.8008 allows a remote authenticated attacker with admin privileges to execute arbitrar | EPSS 1.0%
CVE-2020-3450 | MEDIUM | Cisco Vision Dynamic Signage Director SQL Injection Vulnerability | EPSS 1.0%
CVE-2012-10063 | HIGH | Nagios XI < 2012R1.3 Authenticated SQL Injection in Legacy CCM | EPSS 1.0%
CVE-2022-41272 | CRITICAL | An unauthenticated attacker over the network can attach to an open interface exposed through JNDI by the User Defined Search (UDS) of SAP Ne | EPSS 1.0%
CVE-2017-20104 | HIGH | Simplessus Cookie Time sql injection | EPSS 1.0%
CVE-2023-1964 | HIGH | PHPGurukul Bank Locker Management System Password Reset recovery.php sql injection | EPSS 1.0%
CVE-2024-48245 | HIGH | Vehicle Management System 1.0 is vulnerable to SQL Injection. A guest user can exploit vulnerable POST parameters in various administrative | EPSS 1.0%
CVE-2022-2766 | HIGH | SourceCodester Loan Management System index.php sql injection | EPSS 1.0%
CVE-2025-53727 | HIGH | Microsoft SQL Server Elevation of Privilege Vulnerability | EPSS 1.0%
CVE-2024-40486 | CRITICAL | A SQL injection vulnerability in "/index.php" of Kashipara Live Membership System v1.0 allows remote attackers to execute arbitrary SQL comm | EPSS 1.0%
CVE-2022-3300 | HIGH | Form Maker by 10Web < 1.15.6 - Admin+ SQLI | EPSS 1.0%