Weaknesses of type CWE-89
11,768 resultsCVE-2024-6898MEDIUMSourceCodester Record Management System index.php sql injectionEPSS 0.6%CVE-2024-5775MEDIUMSourceCodester Vehicle Management System updatebill.php sql injectionEPSS 0.6%CVE-2024-11722MEDIUMFrontend Admin by DynamiApps <= 3.25.1 - Unauthenticated SQL InjectionEPSS 0.6%CVE-2024-10702MEDIUMcode-projects Simple Car Rental System signup.php sql injectionEPSS 0.6%CVE-2022-4860MEDIUMKBase Metrics methods_upload_user_stats.py upload_user_data sql injectionEPSS 0.6%CVE-2021-4336MEDIUMITRS Group monitor-ninja scheduled_reports.php sql injectionEPSS 0.6%CVE-2023-6771MEDIUMSourceCodester Simple Student Attendance System actions.class.php save_attendance sql injectionEPSS 0.6%CVE-2025-22208MEDIUMExtension - joomsky.com - SQL injection in JS jobs component version 1.1.5 - 1.4.3 for JoomlaEPSS 0.6%CVE-2025-22980MEDIUMA SQL Injection vulnerability exists in Senayan Library Management System SLiMS 9 Bulian 9.6.1 via the tempLoanID parameter in the loan formEPSS 0.6%CVE-2024-5753HIGHLocal File Read (LFI) by Prompt Injection via Postgres SQL in vanna-ai/vannaEPSS 0.6%CVE-2022-4933MEDIUMATM Consulting dolibarr_module_quicksupplierprice interface.php upatePrice sql injectionEPSS 0.6%CVE-2024-35056CRITICALNASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the query_packets and insert functions.EPSS 0.6%CVE-2026-33324CRITICALSQLBot prompt injection allows arbitrary SQL execution and remote code executionEPSS 0.6%CVE-2024-24407MEDIUMSQL Injection vulnerability in Best Courier management system v.1.0 allows a remote attacker to obtain sensitive information via print_pdetsEPSS 0.6%CVE-2021-4276MEDIUM** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in dns-stats hedgehog. It has been rated as problematic. Affected by this issue isEPSS 0.6%CVE-2026-32306CRITICALOneUptime ClickHouse SQL Injection via Aggregate Query ParametersEPSS 0.6%CVE-2024-53480CRITICALPhpgurukul's Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in `login.php` via the `emailcont` parameter.EPSS 0.6%CVE-2022-46955CRITICALDynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?actiEPSS 0.6%CVE-2024-42357HIGHShopware vulnerable to blind SQL-injection in DAL aggregationsEPSS 0.6%CVE-2022-39180CRITICALCollege Management System v1.0 - SQL Injection (SQLi)EPSS 0.6%