Fallos del tipo CWE-89

11.644 resultados
CVE-2021-3860HIGHJFrog Artifactory before 7.25.4 (Enterprise+ deployments only), is vulnerable to Blind SQL Injection by a low privileged authenticated user EPSS 1.0%CVE-2025-45542HIGHSQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to impEPSS 1.0%CVE-2024-55099CRITICALA SQL Injection vulnerability was found in /admin/index.php in phpgurukul Online Nurse Hiring System v1.0, which allows remote attackers to EPSS 1.0%CVE-2022-2958BadgeOS < 3.7.1.3 - Subscriber+ SQLiEPSS 1.0%CVE-2020-3468MEDIUMCisco SD-WAN vManage Software SQL Injection VulnerabilityEPSS 1.0%CVE-2023-48987HIGHBlind SQL Injection vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) before v.7.75 allows a remote attacker to exeEPSS 1.0%CVE-2022-40483CRITICALWedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /wedding_details.php.EPSS 1.0%CVE-2022-40485CRITICALWedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /package_detail.php.EPSS 1.0%CVE-2022-3243HIGHImport all XML, CSV & TXT into WordPress < 6.5.8 - Admin+ SQLiEPSS 1.0%CVE-2021-33180HIGHImproper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in cgi component in Synology Media ServerEPSS 1.0%CVE-2023-6648MEDIUMPHPGurukul Nipah Virus Testing Management System password-recovery.php sql injectionEPSS 1.0%CVE-2021-22848HIGHHGiga MailSherlock - SQL Injection-2EPSS 1.0%CVE-2022-44378HIGHAutomotive Shop Management System v1.0 is vulnerable to SQL via /asms/classes/Master.php?f=delete_mechanic.EPSS 1.0%CVE-2020-15792A vulnerability has been identified in Desigo Insight (All versions). The web service does not properly apply input validation for some querEPSS 1.0%CVE-2023-24684HIGHChurchCRM v4.5.3 and below was discovered to contain a SQL injection vulnerability via the EID parameter at GetText.php.EPSS 1.0%CVE-2024-54810CRITICALA SQL Injection vulnerability was found in /preschool/admin/password-recovery.php in PHPGurukul Pre-School Enrollment System Project v1.0, wEPSS 1.0%CVE-2022-40049HIGHSQL injection vulnerability in sourcecodester Theme Park Ticketing System 1.0 allows remote attackers to view sensitive information via the EPSS 1.0%CVE-2023-50162HIGHSQL injection vulnerability in EmpireCMS v7.5, allows remote attackers to execute arbitrary code and obtain sensitive information via the DoEPSS 1.0%CVE-2023-26781CRITICALSQL injection vulnerability in mccms 2.6 allows remote attackers to run arbitrary SQL commands via Author Center ->Reader Comments ->Search.EPSS 1.0%CVE-2023-2145MEDIUMCampcodes Online Thesis Archiving System projects_per_curriculum.php sql injectionEPSS 1.0%