Weaknesses of type CWE-89

11,496 results
CVE-2024-29824 | CRITICAL | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the sam | EPSS 100.0% | KEV
CVE-2023-34362 | CRITICAL | In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL | EPSS 99.9% | KEV
CVE-2019-7481 | HIGH | Vulnerability in SonicWall SMA100 allow unauthenticated user to gain read-only access to unauthorized resources. This vulnerability impacted | EPSS 99.9% | KEV
CVE-2024-29826 | CRITICAL | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the sam | EPSS 99.9%
CVE-2024-29825 | CRITICAL | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the sam | EPSS 99.9%
CVE-2024-29823 | CRITICAL | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the sam | EPSS 99.9%
CVE-2024-9465 | CRITICAL | Expedition: SQL Injection Leads to Firewall Admin Credential Disclosure | EPSS 99.6% | KEV
CVE-2022-21661 | HIGH | SQL injection in WordPress | EPSS 97.8%
CVE-2023-48788 | CRITICAL | An improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2. | EPSS 97.6% | KEV
CVE-2025-25257 | CRITICAL | An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] vulnerability in Fortinet For | EPSS 96.7% | KEV
CVE-2026-42208 | CRITICAL | LiteLLM: SQL injection in Proxy API key verification | EPSS 95.9% | KEV
CVE-2024-6670 | CRITICAL | WhatsUp Gold HasErrors SQL Injection Authentication Bypass Vulnerability | EPSS 94.7% | KEV
CVE-2019-12989 | CRITICAL | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection. | EPSS 94.4% | KEV
CVE-2026-21643 | CRITICAL | An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may a | EPSS 94.1% | KEV
CVE-2024-27956 | CRITICAL | WordPress Automatic plugin <= 3.92.0 - Unauthenticated Arbitrary SQL Execution vulnerability | EPSS 94.0%
CVE-2025-57819 | CRITICAL | FreePBX Affected by Authentication Bypass Leading to SQL Injection and RCE | EPSS 93.3% | KEV
CVE-2023-23488 | CRITICAL | The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is affected by an unauthenticated SQL injection vulnerability in the 'code' para | EPSS 92.5%
CVE-2024-5276 | CRITICAL | SQL Injection Vulnerability in FileCatalyst Workflow 5.1.6 Build 135 (and earlier) | EPSS 90.1%
CVE-2020-17463 | CRITICAL | FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items. | EPSS 90.0% | KEV
CVE-2023-39361 | CRITICAL | Unauthenticated SQL Injection in graph_view.php in Cacti | EPSS 87.6%