Weaknesses of type CWE-89
11,724 resultsCVE-2022-43135CRITICALOnline Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at /diagnostEPSS 0.8%CVE-2012-5872CRITICALARC (aka ARC2) through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2_StoreSelectQueryHandler.php via comments in a SPEPSS 0.8%CVE-2023-33734CRITICALBlueCMS v1.6 was discovered to contain a SQL injection vulnerability via the keywords parameter at search.php.EPSS 0.8%CVE-2023-30203CRITICALJudging Management System v1.0 was discovered to contain a SQL injection vulnerability via the event_id parameter at /php-jms/result_sheet.pEPSS 0.8%CVE-2025-62388MEDIUMSQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the dataEPSS 0.8%CVE-2022-47790CRITICALSourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL Injection via /queuing/index.php?page=display&id=.EPSS 0.8%CVE-2025-4456MEDIUMProject Worlds Car Rental Project signup.php sql injectionEPSS 0.8%CVE-2022-43081HIGHFast Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the component /fastfood/purchase.php.EPSS 0.8%CVE-2025-4464MEDIUMitsourcecode Gym Management System ajax.php sql injectionEPSS 0.8%CVE-2025-62386MEDIUMSQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the dataEPSS 0.8%CVE-2023-1361HIGH SQL Injection in unilogies/bumsysEPSS 0.8%CVE-2023-3146MEDIUMSourceCodester Online Discussion Forum Site manage_category.php sql injectionEPSS 0.8%CVE-2025-4466MEDIUMitsourcecode Gym Management System ajax.php sql injectionEPSS 0.8%CVE-2025-62385MEDIUMSQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the dataEPSS 0.8%CVE-2022-45329HIGHAeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Search parameter. This vulnerability allows attackers to acceEPSS 0.8%CVE-2023-3150MEDIUMSourceCodester Online Discussion Forum Site manage_post.php sql injectionEPSS 0.8%CVE-2025-4465MEDIUMitsourcecode Gym Management System ajax.php sql injectionEPSS 0.8%CVE-2025-4463MEDIUMitsourcecode Gym Management System ajax.php sql injectionEPSS 0.8%CVE-2025-4457MEDIUMProject Worlds Car Rental Project approve.php sql injectionEPSS 0.8%CVE-2025-62391MEDIUMSQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the dataEPSS 0.8%