Weaknesses of type CWE-89

11,768 results
CVE-2025-1903MEDIUMCodezips Online Shopping Website cart_add.php sql injectionEPSS 0.6%CVE-2024-10432MEDIUMProject Worlds Simple Web-Based Chat Application index.php sql injectionEPSS 0.6%CVE-2020-36536MEDIUMBrandbugle main.php sql injectionEPSS 0.6%CVE-2024-37791MEDIUMDuxCMS3 v3.1.3 was discovered to contain a SQL injection vulnerability via the keyword parameter at /article/Content/index?class_id.EPSS 0.6%CVE-2022-41408CRITICALOnline Pet Shop We App v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=orders/view_order.EPSS 0.6%CVE-2025-8773MEDIUMDinstar Monitoring Platform 甘肃省危险品库监控平台 login_getPasswordErrorNum.action sql injectionEPSS 0.6%CVE-2023-28359MEDIUMA NoSQL injection vulnerability has been identified in the listEmojiCustom method call within Rocket.Chat. This can be exploited by unauthenEPSS 0.6%CVE-2024-6734MEDIUMitsourcecode Tailoring Management System templateadd.php sql injectionEPSS 0.6%CVE-2024-24018CRITICALA SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass in crafted offset, limit, and sort paEPSS 0.6%CVE-2023-48864HIGHSEMCMS v4.8 was discovered to contain a SQL injection vulnerability via the languageID parameter in /web_inc.php.EPSS 0.6%CVE-2024-7811MEDIUMSourceCodester Daily Expenses Monitoring App delete-expense.php sql injectionEPSS 0.6%CVE-2024-57615HIGHAn issue in the BATcalcbetween_intern component of MonetDB Server v11.47.11 allows attackers to cause a Denial of Service (DoS) via crafted EPSS 0.6%CVE-2025-7343CRITICALDigiwin|SFT - SQL InjectionEPSS 0.6%CVE-2024-31547CRITICALComputer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/item/view_item.php.EPSS 0.6%CVE-2024-30501HIGHWordPress Download Monitor theme <= 4.9.4 - Auth. SQL Injection vulnerabilityEPSS 0.6%CVE-2024-7119MEDIUMMD-MAFUJUL-HASAN Online-Payroll-Management-System employee_viewmore.php sql injectionEPSS 0.6%CVE-2024-57616HIGHAn issue in the vscanf component of MonetDB Server v11.47.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.EPSS 0.6%CVE-2021-24704Orange Form <= 1.0 - SQL Injection via CSRFEPSS 0.6%CVE-2024-24015CRITICALA SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass in crafted offset, limit, and sort paEPSS 0.6%CVE-2024-3042MEDIUMSourceCodester Simple Subscription Website manage_user.php sql injectionEPSS 0.6%