Falhas do tipo CWE-89

11.712 resultados
CVE-2022-46471CRITICALOnline Health Care System v1.0 was discovered to contain a SQL injection vulnerability via the consulting_id parameter at /healthcare/Admin/EPSS 0.8%CVE-2022-45010CRITICALSimple Phone Book/Directory Web App v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at /PhoneBook/editEPSS 0.8%CVE-2023-23775MEDIUMMultiple improper neutralization of special elements used in SQL commands ('SQL Injection') vulnerabilities [CWE-89] in FortiSOAR 7.2.0 and EPSS 0.8%CVE-2023-46789CRITICALOnline Matrimonial Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi)EPSS 0.8%CVE-2023-6413CRITICALSQL injection in Voovi Social Networking ScriptEPSS 0.8%CVE-2023-6411CRITICALSQL injection in Voovi Social Networking ScriptEPSS 0.8%CVE-2023-6416CRITICALSQL injection in Voovi Social Networking ScriptEPSS 0.8%CVE-2023-46800CRITICALOnline Matrimonial Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi)EPSS 0.8%CVE-2022-41532HIGHOpen Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/ajax.EPSS 0.8%CVE-2023-46679CRITICALOnline Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi)EPSS 0.8%CVE-2022-41530HIGHOpen Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/ajax.EPSS 0.8%CVE-2023-6412CRITICALSQL injection in Voovi Social Networking ScriptEPSS 0.8%CVE-2023-46677CRITICALOnline Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi)EPSS 0.8%CVE-2023-46793CRITICALOnline Matrimonial Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi)EPSS 0.8%CVE-2023-46787CRITICALOnline Matrimonial Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi)EPSS 0.8%CVE-2023-46788CRITICALOnline Matrimonial Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi)EPSS 0.8%CVE-2024-28389CRITICALSQL injection vulnerability in KnowBand spinwheel v.3.0.3 and before allows a remote attacker to gain escalated privileges and obtain sensitEPSS 0.8%CVE-2023-6418CRITICALSQL injection in Voovi Social Networking ScriptEPSS 0.8%CVE-2022-41407HIGHOnline Pet Shop We App v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=orders/view_order.EPSS 0.8%CVE-2024-7801MEDIUMSQL injection in get_chart_data in TimeProvider 4100EPSS 0.8%