Falhas do tipo CWE-89

11.851 resultados
CVE-2026-26696CRITICALcode-projects Simple Student Alumni System v1.0 is vulnerable to SQL Injection in /TracerStudy/recordteacher_edit.php.EPSS 0.5%CVE-2025-1389HIGHLearning Digital Orca HCM - SQL InjectionEPSS 0.5%CVE-2025-22691HIGHWordPress WP Travel plugin <= 10.1.3 - SQL Injection vulnerabilityEPSS 0.5%CVE-2024-32551HIGHWordPress SP Project & Document Manage plugin <= 4.71 - Auth. SQL Injection vulnerabilityEPSS 0.5%CVE-2024-34989CRITICALIn the module RSI PDF/HTML catalog evolution (prestapdf) <= 7.0.0 from RSI for PrestaShop, a guest can perform SQL injection via `PrestaPDFPEPSS 0.5%CVE-2025-1820MEDIUMzj1983 zz ZworkflowAction.java getOaWid sql injectionEPSS 0.5%CVE-2024-10171MEDIUMcode-projects Blood Bank System massage.php sql injectionEPSS 0.5%CVE-2024-24375HIGHSQL injection vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to obtain sensitive information via /admin/admin name parameter.EPSS 0.5%CVE-2025-1832MEDIUMzj1983 zz ZroleAction.java getUserList sql injectionEPSS 0.5%CVE-2025-24905CRITICALSQL Injection endpoint 'get_codigobarras_cobranca.php' parameter 'codigo' in WeGIAEPSS 0.5%CVE-2024-47328HIGHWordPress Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin <= 3.1.2 - SQL Injection vulnerabilityEPSS 0.5%CVE-2025-32968HIGHorg.xwiki.platform:xwiki-platform-oldcore allows SQL injection in short form select requests through the script query APIEPSS 0.5%CVE-2024-5098MEDIUMSourceCodester Simple Inventory System login.php sql injectionEPSS 0.5%CVE-2024-5325HIGHForm Vibes <= 1.4.10 - Authenticated (Subscriber+) SQL Injection via fv_export_dataEPSS 0.5%CVE-2025-40711CRITICALSQL injection vulnerability in Quiter GatewayEPSS 0.5%CVE-2024-7934MEDIUMitsourcecode Project Expense Monitoring System execute.php sql injectionEPSS 0.5%CVE-2024-7935MEDIUMitsourcecode Project Expense Monitoring System print.php sql injectionEPSS 0.5%CVE-2025-1958MEDIUMaaluoxiang oa_system address-mapper.xml sql injectionEPSS 0.5%CVE-2024-11127MEDIUMcode-projects Job Recruitment admin.php sql injectionEPSS 0.5%CVE-2024-11726MEDIUMAppointment Booking Calendar Plugin and Scheduling Plugin – BookingPress <= 1.1.21 - Authenticated (Contributor+) SQL InjectionEPSS 0.5%