Fallos del tipo CWE-89

11.706 resultados
CVE-2021-32957HIGHMDT AutoSave Uncontrolled Search Path ElementEPSS 0.9%CVE-2022-40447HIGHZZCMS 2022 was discovered to contain a SQL injection vulnerability via the keyword parameter at /admin/baojia_list.php.EPSS 0.9%CVE-2023-39365MEDIUMUnchecked regular expressions can lead to SQL Injection and data leakage in CactiEPSS 0.9%CVE-2023-34548CRITICALSimple Customer Relationship Management 1.0 is vulnerable to SQL Injection via the email parameter.EPSS 0.9%CVE-2022-1361HIGHCambium Networks cnMaestro SQL InjectionEPSS 0.9%CVE-2024-29870CRITICALSQL injection vulnerability in SentrifugoEPSS 0.9%CVE-2023-30545HIGHPrestaShop arbitrary file read vulnerabilityEPSS 0.9%CVE-2023-28438MEDIUMPimcore vulnerable to improper quoting of filters in Custom ReportsEPSS 0.9%CVE-2024-46626HIGHOS4ED openSIS-Classic v9.1 was discovered to contain a SQL injection vulnerability via a crafted payload.EPSS 0.9%CVE-2021-36503CRITICALSQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php fEPSS 0.9%CVE-2022-38868HIGHSQL Injection vulnerability in Ehoney version 2.0.0 in models/protocol.go and models/images.go, allows attackers to execute arbitrary code.EPSS 0.9%CVE-2023-28108HIGHPimcore has improper quoting of columns when calling methods "getByUuid" & "exists" on UUID ModelEPSS 0.9%CVE-2024-27289HIGHpgx SQL Injection via Line Comment CreationEPSS 0.9%CVE-2023-23459CRITICALPriority Windows – Command Execution via SQL Injection EPSS 0.9%CVE-2022-42249HIGHSimple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/view_storage.php?id=.EPSS 0.9%CVE-2021-36432HIGHSQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sentivie information via jo_set_maskEPSS 0.9%CVE-2017-20128HIGHKB Messages PHP Script sql injectionEPSS 0.9%CVE-2024-31212MEDIUMSQL injection in index_chart_data actionEPSS 0.9%CVE-2022-46051HIGHThe approve parameter from the AeroCMS-v0.0.1 CMS system is vulnerable to SQL injection attacks.EPSS 0.9%CVE-2023-40046HIGHWS_FTP Server SQL Injection via Administrative InterfaceEPSS 0.9%