Weaknesses of type CWE-89

11,840 results
CVE-2025-1389HIGHLearning Digital Orca HCM - SQL InjectionEPSS 0.5%CVE-2025-3856MEDIUMxxyopen Novel-Plus searchByPage sql injectionEPSS 0.5%CVE-2024-5543HIGHSlideshow Gallery LITE <= 1.8.1 - Authenticated (Contributor+) SQL InjectionEPSS 0.5%CVE-2024-37112CRITICALWordPress WishList Member X plugin < 3.26.7 - Unauthenticated Arbitrary SQL Query Execution vulnerabilityEPSS 0.5%CVE-2026-26696CRITICALcode-projects Simple Student Alumni System v1.0 is vulnerable to SQL Injection in /TracerStudy/recordteacher_edit.php.EPSS 0.5%CVE-2024-48231HIGHFunadmin 5.0.2 is vulnerable to SQL Injection via the selectFields parameter in the index method of \backend\controller\auth\Auth.php.EPSS 0.5%CVE-2024-2871MEDIUMMedia Library Assistant <= 3.13 - Authenticated (Contributor+) SQL Injection via ShortcodeEPSS 0.5%CVE-2025-1572MEDIUMKiviCare – Clinic & Patient Management System (EHR) <= 3.6.7 - Authenticated (Doctor+) SQL Injection via 'u_id' ParameterEPSS 0.5%CVE-2024-32551HIGHWordPress SP Project & Document Manage plugin <= 4.71 - Auth. SQL Injection vulnerabilityEPSS 0.5%CVE-2024-6479MEDIUMSIP Reviews Shortcode for WooCommerce <= 1.2.3 - Authenticated (Contributor+) SQL InjectionEPSS 0.5%CVE-2023-28849CRITICALGLPI vulnerable to SQL injection and Stored XSS via inventory agent requestEPSS 0.5%CVE-2024-10171MEDIUMcode-projects Blood Bank System massage.php sql injectionEPSS 0.5%CVE-2024-24375HIGHSQL injection vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to obtain sensitive information via /admin/admin name parameter.EPSS 0.5%CVE-2024-34989CRITICALIn the module RSI PDF/HTML catalog evolution (prestapdf) <= 7.0.0 from RSI for PrestaShop, a guest can perform SQL injection via `PrestaPDFPEPSS 0.5%CVE-2025-1832MEDIUMzj1983 zz ZroleAction.java getUserList sql injectionEPSS 0.5%CVE-2025-1820MEDIUMzj1983 zz ZworkflowAction.java getOaWid sql injectionEPSS 0.5%CVE-2025-32968HIGHorg.xwiki.platform:xwiki-platform-oldcore allows SQL injection in short form select requests through the script query APIEPSS 0.5%CVE-2025-1958MEDIUMaaluoxiang oa_system address-mapper.xml sql injectionEPSS 0.5%CVE-2024-11726MEDIUMAppointment Booking Calendar Plugin and Scheduling Plugin – BookingPress <= 1.1.21 - Authenticated (Contributor+) SQL InjectionEPSS 0.5%CVE-2025-40711CRITICALSQL injection vulnerability in Quiter GatewayEPSS 0.5%