Falhas do tipo CWE-89

11.716 resultados
CVE-2026-1287MEDIUMPotential SQL injection in column aliases via control charactersEPSS 0.8%CVE-2025-22974CRITICALSQL Injection vulnerability in SeaCMS v.13.2 and before allows a remote attacker to execute arbitrary code via the DoTranExecSql parameter iEPSS 0.8%CVE-2024-0389MEDIUMSourceCodester Student Attendance System attendance_report.php sql injectionEPSS 0.8%CVE-2023-4740MEDIUMIBOS OA Delete Draft delDraft&archiveId=0 sql injectionEPSS 0.8%CVE-2023-2051MEDIUMCampcodes Advanced Online Voting System positions_row.php sql injectionEPSS 0.8%CVE-2023-1365HIGHSourceCodester Online Pizza Ordering System ajax.php sql injectionEPSS 0.8%CVE-2023-33734CRITICALBlueCMS v1.6 was discovered to contain a SQL injection vulnerability via the keywords parameter at search.php.EPSS 0.8%CVE-2012-5872CRITICALARC (aka ARC2) through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2_StoreSelectQueryHandler.php via comments in a SPEPSS 0.8%CVE-2023-31707CRITICALSEMCMS 1.5 is vulnerable to SQL Injection via Ant_Rponse.php.EPSS 0.8%CVE-2022-47740CRITICALSeltmann GmbH Content Management System 6 is vulnerable to SQL Injection via /index.php.EPSS 0.8%CVE-2023-28839CRITICALImproper neutralization in an SQL query in ShoppingfeedEPSS 0.8%CVE-2022-41390CRITICALOcoMon v4.0 was discovered to contain a SQL injection vulnerability via the cod parameter at download.php.EPSS 0.8%CVE-2022-47790CRITICALSourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL Injection via /queuing/index.php?page=display&id=.EPSS 0.8%CVE-2022-44139CRITICALApartment Visitor Management System v1.0 is vulnerable to SQL Injection via /avms/index.php.EPSS 0.8%CVE-2023-30203CRITICALJudging Management System v1.0 was discovered to contain a SQL injection vulnerability via the event_id parameter at /php-jms/result_sheet.pEPSS 0.8%CVE-2023-27052CRITICALE-Commerce System v1.0 ws discovered to contain a SQL injection vulnerability via the id parameter at /admin/delete_user.php.EPSS 0.8%CVE-2023-30018CRITICALJudging Management System v1.0 is vulnerable to SQL Injection. via /php-jms/review_se_result.php?mainevent_id=.EPSS 0.8%CVE-2025-62392MEDIUMSQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the dataEPSS 0.8%CVE-2022-44399CRITICALPoultry Farm Management System v1.0 contains a SQL injection vulnerability via the del parameter at /Redcock-Farm/farm/category.php.EPSS 0.8%CVE-2023-26905CRITICALAn issue was discovered in Alphaware - Simple E-Commerce System v1.0. There is a SQL injection that can directly issue instructions to the bEPSS 0.8%