Falhas do tipo CWE-89

11.712 resultados
CVE-2023-6417CRITICALSQL injection in Voovi Social Networking ScriptEPSS 0.8%CVE-2023-46787CRITICALOnline Matrimonial Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi)EPSS 0.8%CVE-2022-41532HIGHOpen Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/ajax.EPSS 0.8%CVE-2023-6415CRITICALSQL injection in Voovi Social Networking ScriptEPSS 0.8%CVE-2023-46677CRITICALOnline Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi)EPSS 0.8%CVE-2023-46679CRITICALOnline Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi)EPSS 0.8%CVE-2024-37765HIGHMachform up to version 19 is affected by an authenticated Blind SQL injection in the user account settings page.EPSS 0.8%CVE-2022-40315CRITICALA limited SQL injection risk was identified in the "browse list of users" site administration page.EPSS 0.8%CVE-2022-40935HIGHOnline Pet Shop We App v1.0 is vulnerable to SQL Injection via /pet_shop/classes/Master.php?f=delete_category,id.EPSS 0.8%CVE-2024-28421CRITICALSQL Injection vulnerability in Razor 0.8.0 allows a remote attacker to escalate privileges via the ChannelModel::updateapk method of the chaEPSS 0.8%CVE-2022-40934HIGHOnline Pet Shop We App v1.0 is vulnerable to SQL injection via /pet_shop/classes/Master.php?f=delete_sub_category,idEPSS 0.8%CVE-2024-3361HIGHSourceCodester Online Library System deweydecimal.php sql injectionEPSS 0.8%CVE-2023-46953CRITICALSQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents modulEPSS 0.8%CVE-2023-1441MEDIUMSourceCodester Automatic Question Paper Generator System GET Parameter view_course.php sql injectionEPSS 0.8%CVE-2023-38250HIGHAdobe Commerce | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)EPSS 0.8%CVE-2023-38249HIGHAdobe Commerce | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)EPSS 0.8%CVE-2024-3362HIGHSourceCodester Online Library System controller.php sql injectionEPSS 0.8%CVE-2023-38221HIGHAdobe Commerce | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)EPSS 0.8%CVE-2024-1923MEDIUMSourceCodester Simple Student Attendance System List of Classes Page ajax-api.php delete_student sql injectionEPSS 0.8%CVE-2024-2344HIGHAvada <= 7.11.6 - Authenticated (Admin+) SQL Injection via entryEPSS 0.8%