Falhas do tipo CWE-89
11.609 resultadosCVE-2023-34751CRITICALbloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the gid parameter at admin/index.php?mode=user&page=groups&actiEPSS 4.2%CVE-2023-34753CRITICALbloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the tid parameter at admin/index.php?mode=settings&page=tmpl&acEPSS 4.2%CVE-2023-34755CRITICALbloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the userid parameter at admin/index.php?mode=user&action=edit.EPSS 4.2%CVE-2020-5726—The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the CTI server on port 8888. A remote unauthenticated EPSS 4.2%CVE-2024-3605CRITICALWP Hotel Booking <= 2.1.0 - Unauthenticated SQL InjectionEPSS 4.2%CVE-2021-43789HIGHBlind SQLi using Search filters in PrestaShopEPSS 4.1%CVE-2023-2130MEDIUMSourceCodester Purchase Order Management System GET Parameter view_details.php sql injectionEPSS 4.1%CVE-2022-1950—Youzify < 1.2.0 - Unauthenticated SQLiEPSS 4.1%CVE-2026-48136MEDIUMAuthenticated Administrator Role-Based Access Control Bypass in ComplianceEPSS 4.1%CVE-2012-5861—Sinapsi eSolar SQL InjectionEPSS 4.1%CVE-2018-0320—A vulnerability in the web framework code of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker toEPSS 4.1%CVE-2026-26990HIGHLibreNMS has Time-Based Blind SQL Injection in address-search.inc.phpEPSS 4.1%CVE-2024-5490HIGHSQL InjectionEPSS 4.0%CVE-2024-36514HIGHSQL InjectionEPSS 4.0%CVE-2017-14851CRITICALA SQL injection vulnerability exists in all Orpak SiteOmat versions prior to 2017-09-25. The vulnerability is in the login page, where the aEPSS 4.0%CVE-2022-21664HIGHSQL injection in WordPressEPSS 4.0%CVE-2020-15624HIGHThis vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923EPSS 4.0%CVE-2020-15620HIGHThis vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923EPSS 4.0%CVE-2020-15616HIGHThis vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923EPSS 4.0%CVE-2024-53900CRITICALMongoose before 8.8.3 can improperly use $where in match, leading to search injection.EPSS 4.0%