Fallos del tipo CWE-89

11.837 resultados
CVE-2024-42554HIGHHotel Management System commit 91caab8 was discovered to contain a SQL injection vulnerability via the room_type parameter at admin_room_addEPSS 0.6%CVE-2024-0270MEDIUMKashipara Food Management System item_list_submit.php sql injectionEPSS 0.6%CVE-2024-30496HIGHWordPress Element Pack Lite plugin <= 5.5.3 - SQL Injection vulnerabilityEPSS 0.6%CVE-2024-37256HIGHWordPress Tutor LMS plugin <= 2.7.1 - SQL Injection vulnerabilityEPSS 0.6%CVE-2024-32127HIGHWordPress Find Duplicates plugin <= 1.4.6 - Auth. SQL Injection vulnerabilityEPSS 0.6%CVE-2024-11121MEDIUM上海灵当信息科技有限公司 Lingdang CRM index.php sql injectionEPSS 0.6%CVE-2025-41372HIGHSQL injection vulnerability in Gandia Integra TotalEPSS 0.6%CVE-2024-0277MEDIUMKashipara Food Management System party_submit.php sql injectionEPSS 0.6%CVE-2023-0531MEDIUMSourceCodester Online Tours & Travels Management System booking_report.php sql injectionEPSS 0.6%CVE-2024-25515HIGHRuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the sys_file_storage_id parameter at /WorkFlow/wf_workEPSS 0.6%CVE-2024-25892HIGHChurchCRM 5.5.0 ConfirmReport.php is vulnerable to Blind SQL Injection (Time-based) via the familyId GET parameter.EPSS 0.6%CVE-2024-8570MEDIUMitsourcecode Tailoring Management System inccatadd.php sql injectionEPSS 0.6%CVE-2024-40393CRITICALOnline Clinic Management System In PHP With Free Source code v1.0 was discovered to contain a SQL injection vulnerability via the user paramEPSS 0.6%CVE-2023-0532MEDIUMSourceCodester Online Tours & Travels Management System disapprove_user.php sql injectionEPSS 0.6%CVE-2023-0534MEDIUMSourceCodester Online Tours & Travels Management System expense_report.php sql injectionEPSS 0.6%CVE-2023-4485CRITICALARDEREG Sistemas SCADA SQL InjectionEPSS 0.6%CVE-2026-47296HIGHMicrosoft SQL Server Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2024-9034MEDIUMcode-projects Patient Record Management System login.php sql injectionEPSS 0.6%CVE-2025-52390CRITICALSaurus CMS Community Edition since commit d886e5b0 (2010-04-23) is vulnerable to a SQL Injection vulnerability in the `prepareSearchQuery()`EPSS 0.6%CVE-2024-10540MEDIUMAppointment Booking Calendar Plugin and Scheduling Plugin – BookingPress <= 1.1.16 - Authenticated (Subscriber+) SQL InjectionEPSS 0.6%