Fallos del tipo CWE-89
11.648 resultadosCVE-2017-12227—A vulnerability in the SQL database interface for Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a blindEPSS 1.0%CVE-2020-13589MEDIUMAn exploitable SQL injection vulnerability exists in the ‘entities/fields’ page of the Rukovoditel Project Management App 2.7.2. The entitieEPSS 1.0%CVE-2022-47770CRITICALSerenissima Informatica Fast Checkin version v1.0 is vulnerable to Unauthenticated SQL Injection.EPSS 1.0%CVE-2021-43822HIGHSQL injection in jackalope/jackalope-doctrine-dbalEPSS 1.0%CVE-2022-1807HIGHMultiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.EPSS 1.0%CVE-2023-26813CRITICALSQL injection vulnerability in com.xnx3.wangmarket.plugin.dataDictionary.controller.DataDictionaryPluginController.java in wangmarket CMS 4.EPSS 1.0%CVE-2019-5119HIGHAn exploitable SQL injection vulnerability exist in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL iEPSS 1.0%CVE-2022-2559—Fluent Support < 1.5.8 - Admin+ SQLiEPSS 1.0%CVE-2023-51637CRITICALSante PACS Server PG Patient Query SQL Injection Remote Code Execution VulnerabilityEPSS 1.0%CVE-2024-3413HIGHSourceCodester Human Resource Information System login_process.php sql injectionEPSS 1.0%CVE-2024-36263HIGHApache Submarine Server Core: SQL injectionEPSS 1.0%CVE-2021-23040—On BIG-IP AFM version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1EPSS 1.0%CVE-2024-36683HIGHSQL injection vulnerability in the module "Products Alert" (productsalert) before 1.7.4 from Smart Modules for PrestaShop allows attackers tEPSS 1.0%CVE-2024-32139HIGHWordPress Podlove Podcast Publisher plugin <= 4.0.12 - SQL Injection vulnerabilityEPSS 1.0%CVE-2024-3359HIGHSourceCodester Online Library System login.php sql injectionEPSS 1.0%CVE-2023-7110HIGHcode-projects Library Management System login.php sql injectionEPSS 1.0%CVE-2021-3935—When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection iEPSS 1.0%CVE-2017-20127HIGHKB Login Authentication Script sql injectionEPSS 1.0%CVE-2024-12157HIGHPopup – MailChimp, GetResponse and ActiveCampaign Intergrations <= 3.2.6 - Unauthenticated SQL InjectionEPSS 1.0%CVE-2022-46999CRITICALTuzicms v2.0.6 was discovered to contain a SQL injection vulnerability via the component \App\Manage\Controller\UserController.class.php.EPSS 1.0%