Weaknesses of type CWE-89

11,838 results
CVE-2025-1191MEDIUMSourceCodester Multi Restaurant Table Reservation System approve-reject.php sql injectionEPSS 0.5%CVE-2025-1184MEDIUMpihome-shc PiHome ajax.php sql injectionEPSS 0.5%CVE-2025-8443MEDIUMcode-projects Online Medicine Guide login.php sql injectionEPSS 0.5%CVE-2025-4306MEDIUMPHPGurukul Nipah Virus Testing Management System edit-phlebotomist.php sql injectionEPSS 0.5%CVE-2025-4308MEDIUMPHPGurukul Art Gallery Management System add-art-type.php sql injectionEPSS 0.5%CVE-2025-8327MEDIUMcode-projects Exam Form Submission delete_s8.php sql injectionEPSS 0.5%CVE-2025-8330MEDIUMcode-projects Vehicle Management edit1.php sql injectionEPSS 0.5%CVE-2024-9018HIGHWP Easy Gallery <= 4.8.5 - Authenticated (Contributor+) SQL Injection via key ParameterEPSS 0.5%CVE-2025-8237MEDIUMcode-projects Exam Form Submission update_s1.php sql injectionEPSS 0.5%CVE-2025-6962MEDIUMCampcodes Employee Management System myprofileup.php sql injectionEPSS 0.5%CVE-2025-3141MEDIUMSourceCodester Online Medicine Ordering System manage_category.php sql injectionEPSS 0.5%CVE-2025-4361MEDIUMPHPGurukul Company Visitor Management System department.php sql injectionEPSS 0.5%CVE-2026-6080MEDIUMTutor LMS <= 3.9.8 - Authenticated (Admin+) SQL Injection via 'date' ParameterEPSS 0.5%CVE-2026-2024HIGHPhotoStack Gallery <= 0.4.1 - Unauthenticated SQL Injection via 'postid' ParameterEPSS 0.5%CVE-2019-25159MEDIUMmpedraza2020 Intranet del Monterroso cargos.php sql injectionEPSS 0.5%CVE-2024-34534HIGHA SQL injection vulnerability in Cybrosys Techno Solutions Text Commander module (aka text_commander) 16.0 through 16.0.1 allows a remote atEPSS 0.5%CVE-2025-7036HIGHCleverReach WP <= 1.5.20 - Unauthenticated SQL Injection via title ParameterEPSS 0.5%CVE-2024-37494HIGHWordPress Youzify plugin <= 1.2.5 - SQL Injection vulnerabilityEPSS 0.5%CVE-2023-27112CRITICALpearProjectApi v2.8.10 was discovered to contain a SQL injection vulnerability via the projectCode parameter at project.php.EPSS 0.5%CVE-2023-27113CRITICALpearProjectApi v2.8.10 was discovered to contain a SQL injection vulnerability via the organizationCode parameter at project.php.EPSS 0.5%