Fallos del tipo CWE-89

11.648 resultados
CVE-2024-7637MEDIUMcode-projects Online Polling Registration registeracc.php sql injectionEPSS 0.9%CVE-2023-6054MEDIUMTongda OA 2017 lock.php sql injectionEPSS 0.9%CVE-2025-52664HIGHSQL injection in Revive Adserver 6.0.0 causes potential disruption or information access when specifically crafted payloads are sent by loggEPSS 0.9%CVE-2025-24659HIGHWordPress Premium Packages – Sell Digital Products Securely plugin <= 5.9.6 - SQL Injection vulnerabilityEPSS 0.9%CVE-2024-37906CRITICALAdmidio has Blind SQL Injection in ecard_send.phpEPSS 0.9%CVE-2024-12484MEDIUMCodezips Technical Discussion Forum signuppost.php sql injectionEPSS 0.9%CVE-2024-29303CRITICALThe delete admin users function of SourceCodester PHP Task Management System 1.0 is vulnerable to SQL InjectionEPSS 0.9%CVE-2021-43830HIGHSQL injection in OpenProjectEPSS 0.9%CVE-2023-41891LOWFlyteAdmin SQL Injection in List FiltersEPSS 0.9%CVE-2023-0917HIGHSourceCodester Simple Customer Relationship Management System login.php sql injectionEPSS 0.9%CVE-2023-33331HIGHWordPress WooCommerce Product Vendors Plugin <= 2.1.76 is vulnerable to SQL InjectionEPSS 0.9%CVE-2020-5320CRITICALDell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain a SQLEPSS 0.9%CVE-2025-67255HIGHIn NagiosXI 2026R1.0.1 build 1762361101, Dashboard parameters lack proper filtering, allowing any authenticated user to exploit a SQL InjectEPSS 0.9%CVE-2023-24840HIGHHGiga MailSherlock - SQL InjectionEPSS 0.9%CVE-2024-32369MEDIUMSQL Injection vulnerability in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive inforEPSS 0.9%CVE-2024-9022HIGHTS Poll – Survey, Versus Poll, Image Poll, Video Poll <= 2.4.0 - Authenticated (Administrator+) SQL Injection via orderby ParameterEPSS 0.9%CVE-2022-47865CRITICALLead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeOrder.php.EPSS 0.9%CVE-2023-28663HIGHThe Formidable PRO2PDF WordPress Plugin, version < 3.11, is affected by an authenticated SQL injection vulnerability in the ‘fieldmap’ paramEPSS 0.9%CVE-2022-47861CRITICALLead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeLead.php.EPSS 0.9%CVE-2023-31433HIGHA SQL injection issue in Logbuch in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allows authenticated attackers to execute SQLEPSS 0.9%