Weaknesses of type CWE-89

11,712 results
CVE-2020-27240MEDIUMAn exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The componentStatus parameter in the getEPSS 0.9%CVE-2020-27241MEDIUMAn exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The serialnumber parameter in the getAssEPSS 0.9%CVE-2015-10122MEDIUMwp-donate Plugin donate-display.php sql injectionEPSS 0.9%CVE-2020-27237MEDIUMAn exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The code parameter in the The nomenclatuEPSS 0.9%CVE-2020-27239MEDIUMAn exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The assetStatus parameter in the getAsseEPSS 0.9%CVE-2012-10047CRITICALCyclope Employee Surveillance Solution v6.x SQL InjectionEPSS 0.9%CVE-2024-48580CRITICALSQL Injection vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary code via the email EPSS 0.9%CVE-2021-36433CRITICALSQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sentivie information via jo_delete_mEPSS 0.9%CVE-2021-36431CRITICALSQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sentivie information via jo_json_cheEPSS 0.9%CVE-2021-36434CRITICALSQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sentivie information via jo_json_cheEPSS 0.9%CVE-2024-11663MEDIUMCodezips E-Commerce Site search.php sql injectionEPSS 0.9%CVE-2022-38878HIGHSchool Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/event/index.php?view=edit&id=.EPSS 0.9%CVE-2022-40092HIGHOnline Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/upEPSS 0.9%CVE-2023-31619HIGHAn issue in the sch_name_to_object component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via EPSS 0.9%CVE-2023-31618HIGHAn issue in the sqlc_union_dt_wrap component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via EPSS 0.9%CVE-2022-40093HIGHOnline Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/upEPSS 0.9%CVE-2023-31631HIGHAn issue in the sqlo_preds_contradiction component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoSEPSS 0.9%CVE-2022-38832HIGHSchool Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/department/index.php?view=editEPSS 0.9%CVE-2023-31630HIGHAn issue in the sqlo_query_spec component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via craEPSS 0.9%CVE-2023-1674HIGHSourceCodester School Registration and Fee System POST Parameter login.php sql injectionEPSS 0.9%