Weaknesses of type CWE-89
11,540 resultsCVE-2025-52694CRITICALExecution of arbitrary SQL commandsEPSS 37.9%CVE-2021-3817CRITICALSQL Injection in wbce/wbce_cmsEPSS 37.8%CVE-2022-46443HIGHmesinkasir Bangresto 1.0 is vulnberable to SQL Injection via the itemqty%5B%5D parameter.EPSS 37.7%CVE-2022-2754—Ketchup Restaurant Reservations <= 1.0.0 - Unauthenticated Blind SQLiEPSS 37.7%CVE-2022-0739—BookingPress < 1.0.11 - Unauthenticated SQL InjectionEPSS 37.2%CVE-2024-40638HIGHGLPI allows account takeover via SQL Injection in AJAX scriptsEPSS 37.0%CVE-2024-4434CRITICALLearnPress – WordPress LMS Plugin <= 4.2.6.5 - Unauthenticated Time-Based SQL InjectionEPSS 36.9%CVE-2024-51482CRITICALBoolean-based SQL Injection in ZoneMinder v1.37.* <= 1.37.64EPSS 36.9%CVE-2022-1905—Events Made Easy < 2.2.81 - Unauthenticated SQLiEPSS 36.7%CVE-2024-45622CRITICALASIS (aka Aplikasi Sistem Sekolah using CodeIgniter 3) 3.0.0 through 3.2.0 allows index.php username SQL injection for Authentication BypassEPSS 36.0%CVE-2023-1454MEDIUMjeecg-boot qurestSql sql injectionEPSS 35.8%CVE-2025-32814CRITICALAn issue was discovered in Infoblox NETMRI before 7.6.1. Unauthenticated SQL Injection can occur.EPSS 35.8%CVE-2022-0349—NotificationX < 2.3.9 - Unauthenticated Blind SQL InjectionEPSS 34.4%CVE-2025-25064HIGHSQL injection vulnerability in the ZimbraSync Service SOAP endpoint in Zimbra Collaboration 10.0.x before 10.0.12 and 10.1.x before 10.1.4 dEPSS 34.4%CVE-2022-39323HIGHSQL Injection on REST API in GLPIEPSS 34.3%CVE-2021-36300MEDIUMiDRAC9 versions prior to 5.00.00.00 contain an improper input validation vulnerability. An unauthenticated remote attacker may potentially eEPSS 33.3%CVE-2022-0651CRITICALWP Statistics <= 13.1.5 Unauthenticated Blind SQL Injection via current_page_typeEPSS 33.0%CVE-2024-5315CRITICALMultiple vulnerabilities in DOLIBARR's ERP CMSEPSS 32.9%CVE-2023-30194CRITICALPrestashop posstaticfooter <= 1.0.0 is vulnerable to SQL Injection via posstaticfooter::getPosCurrentHook().EPSS 32.4%CVE-2025-24587HIGHWordPress Email Subscription Popup plugin <= 1.2.23 - SQL Injection vulnerabilityEPSS 32.2%