Fallos del tipo CWE-89
11.580 resultadosCVE-2024-23975HIGHDelta Electronics DIAEnergie SQL injectionEPSS 8.5%CVE-2024-29830HIGHAn unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same EPSS 8.5%CVE-2021-24849—WCFM - WooCommerce Multivendor Marketplace < 3.4.12 - Unauthenticated SQL InjectionEPSS 8.5%CVE-2022-0769—Users Ultra <= 3.1.0 - Unauthenticated SQL InjectionEPSS 8.4%CVE-2023-1545HIGH SQL Injection in nilsteampassnet/teampassEPSS 8.4%CVE-2024-13973MEDIUMA post-auth SQL injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR1 (21.0.1) can potentially lead to adminisEPSS 8.3%CVE-2024-36837MEDIUMSQL Injection vulnerability in CRMEB v.5.2.2 allows a remote attacker to obtain sensitive information via the getProductList function in theEPSS 8.3%CVE-2024-29829HIGHAn unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same EPSS 8.2%CVE-2025-50979HIGHNodeBB v4.3.0 is vulnerable to SQL injection in its search-categories API endpoint (/api/v3/search/categories). The search query parameter iEPSS 8.1%CVE-2023-1934CRITICALThe PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulnerabiEPSS 8.1%CVE-2022-41773HIGHDelta Electronics DIAEnergieEPSS 7.9%CVE-2022-0788—WP Fundraising Donation and Crowdfunding Platform < 1.5.0 - Unauthenticated SQLiEPSS 7.9%CVE-2026-1367HIGHSQL InjectionEPSS 7.9%CVE-2022-0949—WP Block and Stop Bad Bots < 6.930 - Unauthenticated SQLiEPSS 7.9%CVE-2022-43452HIGHDelta Electronics DIAEnergie SQL InjectionEPSS 7.7%CVE-2022-40967HIGHDelta Electronics DIAEnergieEPSS 7.7%CVE-2021-24731—Pie Register < 3.7.1.6 - Unauthenticated SQL InjectionEPSS 7.5%CVE-2023-27167MEDIUMSuprema BioStar 2 v2.8.16 was discovered to contain a SQL injection vulnerability via the values parameter at /users/absence?search_month=1.EPSS 7.5%CVE-2021-24943—Registrations for the Events Calendar < 2.7.6 - Unauthenticated SQL InjectionEPSS 7.5%CVE-2026-26988CRITICALLibreNMS: SQL Injection in ajax_table.php spreads through a covert data streamEPSS 7.4%