Fallos del tipo CWE-89

11.708 resultados
CVE-2022-40827CRITICALB.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where() function. EPSS 0.9%CVE-2020-22818CRITICALMKCMS V6.2 has SQL injection via /ucenter/reg.php name parameter.EPSS 0.9%CVE-2022-42237CRITICALA SQL Injection issue in Merchandise Online Store v.1.0 allows an attacker to log in to the admin account.EPSS 0.9%CVE-2020-22819CRITICALMKCMS V6.2 has SQL injection via the /ucenter/active.php verify parameter.EPSS 0.9%CVE-2022-43232HIGHCanteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the userid parameter at /php_action/fetchOrderDatEPSS 0.8%CVE-2024-26264CRITICALEBM Technologies RISWEB - SQL InjectionEPSS 0.8%CVE-2022-43228HIGHBarangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /clearance/clearance.EPSS 0.8%CVE-2024-2147HIGHSourceCodester Online Mobile Management Store login.php sql injectionEPSS 0.8%CVE-2023-2484HIGHActive Directory Integration / LDAP Integration <= 4.1.4 - Authenticated (Administrator+) SQL InjectionEPSS 0.8%CVE-2019-5122HIGHSQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. AEPSS 0.8%CVE-2024-57430CRITICALAn SQL injection vulnerability in the pjActionGetUser function of PHPJabbers Cinema Booking System v2.0 allows attackers to manipulate databEPSS 0.8%CVE-2023-4737CRITICALSQLi in Hedef Trackings Admin PanelEPSS 0.8%CVE-2022-44151CRITICALSimple Inventory Management System v1.0 is vulnerable to SQL Injection via /ims/login.php.EPSS 0.8%CVE-2022-24391HIGHAuthenticated SQL Injection Vulnerability in Fidelis Network and DeceptionEPSS 0.8%CVE-2022-38833HIGHSchool Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/modstudent/index.php?view=viewEPSS 0.8%CVE-2024-29301HIGHSourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection via update-admin.php?admin_id=EPSS 0.8%CVE-2023-2188HIGHColibri Page Builder <= 1.0.227 - Authenticated (Administrator+) SQL Injection via post_idEPSS 0.8%CVE-2020-13590MEDIUMMultiple exploitable SQL injection vulnerabilities exist in the 'entities/fields' page of the Rukovoditel Project Management App 2.7.2. A spEPSS 0.8%CVE-2024-57635HIGHAn issue in the chash_array component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafteEPSS 0.8%CVE-2024-57636HIGHAn issue in the itc_sample_row_check component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) vEPSS 0.8%