Fallos del tipo CWE-89
11.648 resultadosCVE-2024-25214CRITICALAn issue in Employee Managment System v1.0 allows attackers to bypass authentication via injecting a crafted payload into the E-mail and PasEPSS 1.0%CVE-2023-2144MEDIUMCampcodes Online Thesis Archiving System view_department.php sql injectionEPSS 1.0%CVE-2023-30092CRITICALSourceCodester Online Pizza Ordering System v1.0 is vulnerable to SQL Injection via the QTY parameter.EPSS 1.0%CVE-2020-21120CRITICALSQL Injection vulnerability in file home\controls\cart.class.php in UQCMS 2.1.3, allows attackers execute arbitrary commands via the cookie_EPSS 1.0%CVE-2022-26669HIGHASUS Control Center - SQL InjectionEPSS 1.0%CVE-2024-3000HIGHcode-projects Online Book System index.php sql injectionEPSS 1.0%CVE-2024-10355MEDIUMSourceCodester Petrol Pump Management Software invoice.php sql injectionEPSS 1.0%CVE-2023-7109HIGHcode-projects Library Management System login.php sql injectionEPSS 1.0%CVE-2022-33148HIGHA sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted EPSS 1.0%CVE-2022-3671MEDIUMSourceCodester eLearning System manage.php sql injectionEPSS 1.0%CVE-2026-41460CRITICALSocialEngine <= 7.8.0 SQL Injection via activity/index/get-memberallEPSS 1.0%CVE-2023-46806MEDIUMAn SQL Injection vulnerability in a web component of EPMM versions before 12.1.0.0 allows an authenticated user with appropriate privilege tEPSS 1.0%CVE-2022-44297CRITICALSiteServer CMS 7.1.3 has a SQL injection vulnerability the background.EPSS 1.0%CVE-2021-33925CRITICALSQL Injection vulnerability in nitinparashar30 cms-corephp through commit bdabe52ef282846823bda102728a35506d0ec8f9 (May 19, 2021) allows unaEPSS 1.0%CVE-2022-46965HIGHPrestaShop module, totadministrativemandate before v1.7.1 was discovered to contain a SQL injection vulnerability.EPSS 1.0%CVE-2023-25684MEDIUMIBM Security Key Lifecycle Manager SQL injectionEPSS 1.0%CVE-2023-1016MEDIUMIntuitive Custom Post Order <= 3.1.4.1 - Authenticated (Admin+) SQL InjectionEPSS 1.0%CVE-2026-28516CRITICALopenDCIM <= 23.04 SQL Injection in Config::UpdateParameterEPSS 1.0%CVE-2020-13588MEDIUMAn exploitable SQL injection vulnerability exists in the ‘entities/fields’ page of the Rukovoditel Project Management App 2.7.2. The headingEPSS 1.0%CVE-2024-28107HIGHphpMyFAQ SQL injections at insertentry & saveentryEPSS 1.0%