Falhas do tipo CWE-89

11.712 resultados
CVE-2022-42120CRITICALA SQL injection vulnerability in the Fragment module in Liferay Portal 7.3.3 through 7.4.3.16, and Liferay DXP 7.3 before update 4, and 7.4 EPSS 0.8%CVE-2023-1590MEDIUMSourceCodester Online Tours & Travels Management System currency.php exec sql injectionEPSS 0.8%CVE-2023-2201HIGHWeb Directory Free <= 1.6.8 - Authenticated (Contributor+) SQL Injection via post_idEPSS 0.8%CVE-2024-3797MEDIUMSourceCodester QR Code Bookmark System sql injectionEPSS 0.8%CVE-2025-62360CRITICALWeGIA SQL Injection via 'id_dependente' param at endpoint `/html/funcionario/dependente_documento.php`EPSS 0.8%CVE-2022-40097HIGHOnline Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_EPSS 0.8%CVE-2022-44393HIGHSanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=services/view_service&id=.EPSS 0.8%CVE-2022-46953HIGHDynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?actiEPSS 0.8%CVE-2024-3055HIGHUnlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.102 - Authenticated (Contributor+) SQL InjectionEPSS 0.8%CVE-2022-40403HIGHWedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/feature_edit.php.EPSS 0.8%CVE-2022-42143HIGHOpen Source SACCO Management System v1.0 is vulnerable to SQL Injection via /sacco_shield/manage_payment.php.EPSS 0.8%CVE-2022-43350HIGHSanitization Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php-sms/classes/Master.EPSS 0.8%CVE-2021-24555Diary & Availability Calendar <= 1.0.3 - Authenticated (subscriber+) SQL InjectionEPSS 0.8%CVE-2022-44379HIGHAutomotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_service.EPSS 0.8%CVE-2022-46946HIGHHelmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deleteEPSS 0.8%CVE-2022-40928HIGHOnline Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_application.EPSS 0.8%CVE-2022-43066HIGHOnline Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms/classes/EPSS 0.8%CVE-2024-1990HIGHRegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 5.3.1.0 - Authenticated (Contributor+) SQL Injection via ShortcodeEPSS 0.8%CVE-2022-40927HIGHOnline Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_designation.EPSS 0.8%CVE-2022-43352HIGHSanitization Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php-sms/classes/Master.EPSS 0.8%