Falhas do tipo CWE-89
11.540 resultadosCVE-2022-25149CRITICALWP Statistics <= 13.1.5 Unauthenticated Blind SQL Injection via IPEPSS 78.0%CVE-2024-1512CRITICALMasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.2.5 - Unauthenticated SQL InjectionEPSS 77.7%CVE-2022-42429HIGHThis vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploEPSS 77.6%CVE-2024-1698CRITICALNotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor <= 2.8.2 - Unauthenticated SQL InjectionEPSS 77.6%CVE-2024-8877MEDIUMSQL InjectionEPSS 77.3%CVE-2023-34133HIGHImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SonicWall GMS and Analytics allows an EPSS 77.0%CVE-2022-42424HIGHThis vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploEPSS 76.1%CVE-2022-42427HIGHThis vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploEPSS 76.1%CVE-2022-42425HIGHThis vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploEPSS 76.1%CVE-2025-26794HIGHExim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. (Resolving SQL injection requires aEPSS 75.8%CVE-2022-36961HIGHOrion Platform SQL Injection Privilege Escalation VulnerabilityEPSS 75.2%CVE-2022-43671CRITICALZoho ManageEngine Password Manager Pro before 12122, PAM360 before 5711, and Access Manager Plus before 4306 allow SQL Injection.EPSS 74.8%CVE-2022-0169—Photo Gallery by 10Web < 1.6.0 - Unauthenticated SQL InjectionEPSS 74.6%CVE-2022-0412—TI WooCommerce Wishlist < 1.40.1 - Unauthenticated Blind SQL InjectionEPSS 74.6%CVE-2021-24946—Modern Events Calendar < 6.1.5 - Unauthenticated Blind SQL InjectionEPSS 73.4%CVE-2021-24862—RegistrationMagic < 5.0.1.6 - Admin+ SQL InjectionEPSS 73.3%CVE-2021-42258CRITICALBQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution, as exploited in thEPSS 73.3%KEVCVE-2018-7841CRITICALA SQL Injection (CWE-89) vulnerability exists in U.motion Builder software version 1.3.4 which could cause unwanted code execution when an iEPSS 72.5%KEVCVE-2024-0637HIGHCentreon updateDirectory SQL Injection Remote Code Execution VulnerabilityEPSS 72.3%CVE-2024-29827CRITICALAn unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the samEPSS 71.7%