CWE-89 vulnerabilities

11,588 results
- CVE-2024-52874 [HIGH]: In Infoblox NETMRI before 7.6.1, authenticated users can perform SQL injection attacks. (EPSS 6.6%)
- CVE-2021-24627: G Auto-Hyperlink <= 1.0.1 - Admin+ SQL Injection (EPSS 6.6%)
- CVE-2022-36972 [CRITICAL]: This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. The specific f (EPSS 6.5%)
- CVE-2022-36976 [CRITICAL]: This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. The specific f (EPSS 6.5%)
- CVE-2022-36975 [CRITICAL]: This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. The specific f (EPSS 6.5%)
- CVE-2022-36979 [HIGH]: This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authe (EPSS 6.5%)
- CVE-2024-35584 [HIGH]: SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis (EPSS 6.5%)
- CVE-2022-1883 [CRITICAL]: SQL Injection in camptocamp/terraboard (EPSS 6.4%)
- CVE-2024-10600 [MEDIUM]: Tongda OA 2017 submenu.php sql injection (EPSS 6.3%)
- CVE-2024-43360 [CRITICAL]: ZoneMinder Time-based SQL Injection (EPSS 6.2%)
- CVE-2025-67736 [HIGH]: Authenticated SQL Injection in FreePBX tts (Text To Speech) module (EPSS 6.1%)
- CVE-2025-32786 [HIGH]: GLPI Inventory Plugin is Vulnerable to Unauthenticated SQL Injection (EPSS 6.0%)
- CVE-2022-36973 [CRITICAL]: This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authe (EPSS 6.0%)
- CVE-2017-16716: A SQL Injection issue was discovered in WebAccess versions prior to 8.3. WebAccess does not properly sanitize its inputs for SQL commands. (EPSS 6.0%)
- CVE-2024-32709 [CRITICAL]: WordPress WP-Recall plugin <= 16.26.5 - SQL Injection vulnerability (EPSS 5.9%)
- CVE-2022-0228: Popup Builder < 4.0.7 - Admin+ SQL Injection (EPSS 5.8%)
- CVE-2024-36412 [CRITICAL]: SuiteCRM unauthenticated SQL Injection (EPSS 5.7%)
- CVE-2021-24554: Paytm - Donation Plugin <= 1.3.2 - Authenticated (admin+) SQL Injection (EPSS 5.7%)
- CVE-2024-44349 [CRITICAL]: A SQL injection vulnerability in login portal in AnteeoWMS before v4.7.34 allows unauthenticated attackers to execute arbitrary SQL commands (EPSS 5.6%)
- CVE-2022-1339 [HIGH]: SQL injection in ElementController.php in pimcore/pimcore (EPSS 5.6%)