Weaknesses of type CWE-89
11,848 resultsCVE-2024-11713MEDIUMWP Job Portal <= 2.2.2 - Authenticated (Admin+) SQL Injection via wpjobportal_deactivate()EPSS 0.5%CVE-2019-25542HIGHNetartmedia Real Estate Portal 5.0 SQL Injection via index.phpEPSS 0.5%CVE-2025-26186HIGHSQL Injection vulnerability in openSIS v.9.1 allows a remote attacker to execute arbitrary code via the id parameter in Ajax.phpEPSS 0.5%CVE-2025-44034HIGHSQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the alph parameters in src/main/EPSS 0.5%CVE-2025-40735HIGHA vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected devices are vulnerable to SQL injection. This could allEPSS 0.5%CVE-2024-2386HIGHWordPress Plugin for Google Maps – WP MAPS <= 4.6.1 - Authenticated (Contributor+) SQL InjectionEPSS 0.5%CVE-2024-28560MEDIUMSQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the deleteArea() function of tEPSS 0.5%CVE-2026-34099CRITICALGuardian Language-System Unauthenticated SQL Injection via id Parameter in job_info.phpEPSS 0.5%CVE-2025-56162MEDIUMYOSHOP 2.0 suffers from an unauthenticated SQL injection in the goodsIds parameter of the /api/goods/listByIds endpoint. The getListByIds fuEPSS 0.5%CVE-2024-53807HIGHWordPress WP Mailster plugin <= 1.8.16.0 - SQL Injection vulnerabilityEPSS 0.5%CVE-2024-12067MEDIUMWP Travel – Ultimate Travel Booking System, Tour Management Engine <= 10.0.0 - Authenticated (Subscriber+) SQL InjectionEPSS 0.5%CVE-2025-28009CRITICALA SQL Injection vulnerability exists in the `u` parameter of the progress-body-weight.php endpoint of Dietiqa App v1.0.20.EPSS 0.5%CVE-2024-13475HIGHSmall Package Quotes – UPS Edition <= 4.5.16 - Unauthenticated SQL InjectionEPSS 0.5%CVE-2025-30971CRITICALWordPress XV Random Quotes plugin <= 2.0.0 - SQL Injection vulnerabilityEPSS 0.5%CVE-2024-47325HIGHWordPress Multiple Page Generator Plugin – MPG plugin <= 3.4.7 - SQL Injection vulnerabilityEPSS 0.5%CVE-2024-43941CRITICALWordPress Propovoice Pro plugin <= 1.7.0.3 - Unauthenticated SQL Injection vulnerabilityEPSS 0.5%CVE-2025-2392MEDIUMcode-projects Online Class and Exam Scheduling System activate.php sql injectionEPSS 0.5%CVE-2025-2664MEDIUMCodeZips Hospital Management System suadpeted.php sql injectionEPSS 0.5%CVE-2025-2039MEDIUMcode-projects Blood Bank Management System delete_members.php sql injectionEPSS 0.5%CVE-2025-25222HIGHThe LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version) contains an SQL injection vulnerability in retrEPSS 0.5%