Fallos del tipo CWE-89
11.650 resultadosCVE-2020-24600CRITICALShilpi CAPExWeb 1.1 allows SQL injection via a servlet/capexweb.cap_sendMail GET request.EPSS 0.9%CVE-2021-36484CRITICALSQL injection vulnerability in JIZHICMS 1.9.5 allows attackers to run arbitrary SQL commands via add or edit article page.EPSS 0.9%CVE-2020-22818CRITICALMKCMS V6.2 has SQL injection via /ucenter/reg.php name parameter.EPSS 0.9%CVE-2023-41542CRITICALSQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information viaEPSS 0.9%CVE-2024-26264CRITICALEBM Technologies RISWEB - SQL InjectionEPSS 0.8%CVE-2022-43232HIGHCanteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the userid parameter at /php_action/fetchOrderDatEPSS 0.8%CVE-2022-43228HIGHBarangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /clearance/clearance.EPSS 0.8%CVE-2024-2147HIGHSourceCodester Online Mobile Management Store login.php sql injectionEPSS 0.8%CVE-2023-2484HIGHActive Directory Integration / LDAP Integration <= 4.1.4 - Authenticated (Administrator+) SQL InjectionEPSS 0.8%CVE-2019-5122HIGHSQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. AEPSS 0.8%CVE-2023-2188HIGHColibri Page Builder <= 1.0.227 - Authenticated (Administrator+) SQL Injection via post_idEPSS 0.8%CVE-2023-4737CRITICALSQLi in Hedef Trackings Admin PanelEPSS 0.8%CVE-2022-38833HIGHSchool Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/modstudent/index.php?view=viewEPSS 0.8%CVE-2024-29301HIGHSourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection via update-admin.php?admin_id=EPSS 0.8%CVE-2022-24391HIGHAuthenticated SQL Injection Vulnerability in Fidelis Network and DeceptionEPSS 0.8%CVE-2024-57635HIGHAn issue in the chash_array component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafteEPSS 0.8%CVE-2019-7484—Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. TEPSS 0.8%CVE-2024-57636HIGHAn issue in the itc_sample_row_check component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) vEPSS 0.8%CVE-2023-30605MEDIUMMultiple SQL injections in sql/instance.py param_edit method in Archery - GHSL-2022-104EPSS 0.8%CVE-2023-30557MEDIUMSQL injection in data_dictionary.py table_info method in Archery - GHSL-2022-106EPSS 0.8%