CWE-89 vulnerabilities

11,617 results
CVE-2024-12025 [HIGH] Collapsing Categories <= 3.0.8 - Unauthenticated SQL Injection (EPSS 2.5%)
CVE-2014-2351 CSWorks SQL Injection (EPSS 2.5%)
CVE-2022-22055 [CRITICAL] Le-yan Co., Ltd. dental management system - SQL Injection (EPSS 2.5%)
CVE-2019-10141 [HIGH] A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. A SQL-injection vulnera (EPSS 2.5%)
CVE-2015-9244 Keys of objects in mysql node module v2.0.0-alpha7 and earlier are not escaped with `mysql.escape()` which could lead to SQL Injection. (EPSS 2.4%)
CVE-2024-6265 [CRITICAL] UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress <= 1.2.10 - Unauthenticated SQL Injection via 'uwp_sort_by' (EPSS 2.4%)
CVE-2019-18229 Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Lack of sanitization of user-supplied input cause SQL injection vulnerabilities. An atta (EPSS 2.4%)
CVE-2020-15153 [HIGH] Unauthenticated SQL injection in Ampache (EPSS 2.4%)
CVE-2022-44727 [CRITICAL] The EU Cookie Law GDPR (Banner + Blocker) module before 2.1.3 for PrestaShop allows SQL Injection via a cookie ( lgcookieslaw or __lglaw ). (EPSS 2.4%)
CVE-2025-2473 [MEDIUM] PHPGurukul Company Visitor Management System Sign In index.php sql injection (EPSS 2.4%)
CVE-2024-36597 [HIGH] Aegon Life v1.0 was discovered to contain a SQL injection vulnerability via the client_id parameter at clientStatus.php. (EPSS 2.4%)
CVE-2023-23490 [HIGH] The Survey Maker WordPress Plugin, version < 3.1.2, is affected by an authenticated SQL injection vulnerability in the 'surveys_ids' paramet (EPSS 2.3%)
CVE-2022-34871 [HIGH] This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to explo (EPSS 2.3%)
CVE-2020-13567 [HIGH] Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can (EPSS 2.3%)
CVE-2016-8640 A SQL injection vulnerability in pycsw all versions before 2.0.2, 1.10.5 and 1.8.6 that leads to read and extract of any data from any table (EPSS 2.3%)
CVE-2022-45805 [HIGH] WordPress Paytm Payment Gateway Plugin <= 2.7.3 is vulnerable to SQL Injection (EPSS 2.3%)
CVE-2021-33729 A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). An authenticated attacker that is able to import firmwa (EPSS 2.3%)
CVE-2026-2413 [HIGH] Ally – Web Accessibility & Usability <= 4.0.3 - Unauthenticated SQL Injection via URL Path (EPSS 2.3%)
CVE-2023-49330 [HIGH] Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data. (EPSS 2.3%)
CVE-2022-2272 [CRITICAL] This vulnerability allows remote attackers to bypass authentication on affected installations of Sante PACS Server 3.0.4. Authentication is (EPSS 2.3%)