Weaknesses of type CWE-89

11,768 results
CVE-2023-7299MEDIUMDataGear resolveSql sql injectionEPSS 0.6%CVE-2024-8055HIGHLocal File Read (LFI) by Prompt Injection via SnowFlake SQL in vanna-ai/vannaEPSS 0.6%CVE-2025-47785HIGHEMLOG SQL Injection VulnerabilityEPSS 0.6%CVE-2025-0532MEDIUMCodezips Gym Management System new_submit.php sql injectionEPSS 0.6%CVE-2022-42230HIGHSimple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/admin/?page=user/manage_user&id=.EPSS 0.6%CVE-2022-45589HIGHAll versions before 8.0.1-R2022-10-RT and 7.3.1-R2022-09-RT of the Talend ESB Runtime are potentially vulnerable to SQL Injection attacks inEPSS 0.6%CVE-2024-25509CRITICALRuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the sys_file_storage_id parameter at /WorkFlow/wf_fileEPSS 0.6%CVE-2025-26348MEDIUMA CWE-89 "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')" in maxprofile/menu/model.lua (editUserMenu eEPSS 0.6%CVE-2024-1251MEDIUMTongda OA 2017 delete.php sql injectionEPSS 0.6%CVE-2023-51805HIGHSQL Injection vulnerability in TDuckCLoud tduck-platform v.4.0 allows a remote attacker to obtain sensitive information via the getFormKey pEPSS 0.6%CVE-2024-8855CRITICALWordPress Auction <= 3.7 - Editor+ SQL InjectionEPSS 0.6%CVE-2024-2566HIGHFujian Kelixin Communication Command and Dispatch Platform get_extension_yl.php sql injectionEPSS 0.6%CVE-2025-58462CRITICALOPEXUS FOIAXpress PAL SQL injectionEPSS 0.6%CVE-2023-0016CRITICALSQL Injection vulnerability in SAP Business Planning and Consolidation MSEPSS 0.6%CVE-2022-40405HIGHWoWonder Social Network Platform v4.1.2 was discovered to contain a SQL injection vulnerability via the offset parameter at requests.php?f=lEPSS 0.6%CVE-2024-11241MEDIUMcode-projects Job Recruitment reset.php sql injectionEPSS 0.6%CVE-2024-0913HIGHWP ERP <= 1.13.0 - Authenticated (Accounting Manager+) SQL InjectionEPSS 0.6%CVE-2024-4972MEDIUMcode-projects Simple Chat System login.php sql injectionEPSS 0.6%CVE-2024-4967MEDIUMSourceCodester Interactive Map with Marker delete-mark.php sql injectionEPSS 0.6%CVE-2025-29369CRITICALCode-Projects Matrimonial Site V1.0 is vulnerable to SQL Injection in /view_profile.php?id=1.EPSS 0.6%