Falhas do tipo CWE-89

11.845 resultados
CVE-2025-25349CRITICALPHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense.php via the costitem parameter.EPSS 0.5%CVE-2023-33993HIGHSQL Injection vulnerability in SAP Business One B1i LayerEPSS 0.5%CVE-2024-46374CRITICALBest House Rental Management System 1.0 contains a SQL injection vulnerability in the delete_category() function of the file rental/admin_clEPSS 0.5%CVE-2024-50823LOWA SQL Injection vulnerability was found in /admin/login.php in kashipara E-learning Management System Project 1.0 via the username and passwEPSS 0.5%CVE-2024-57768CRITICALJFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the component validRoleKey?sysRole.key.EPSS 0.5%CVE-2024-10856MEDIUMBooking Calendar WpDevArt <= 3.2.19 - Authenticated (Contributor+) SQL InjectionEPSS 0.5%CVE-2025-7155MEDIUMPHPGurukul Online Notes Sharing System Cookie Dashboard sql injectionEPSS 0.5%CVE-2026-32271HIGHCraft Commerce: SQL Injection can lead to Remote Code Execution via TotalRevenue WidgetEPSS 0.5%CVE-2025-5402MEDIUMchaitak-gorai Blogbook GET Parameter edit_post.php sql injectionEPSS 0.5%CVE-2025-65354CRITICALImproper input handling in /Grocery/search_products_itname.php inPuneethReddyHC event-management 1.0 permits SQL injection via the sitem_namEPSS 0.5%CVE-2025-2854MEDIUMcode-projects Payroll Management System update_employee.php sql injectionEPSS 0.5%CVE-2024-9475MEDIUMPoll Maker – Versus Polls, Anonymous Polls, Image Polls <= 5.4.6 - Authenticated (Administrator+) SQL Injection via Order_by ParameterEPSS 0.5%CVE-2025-2847MEDIUMCodezips Gym Management System over_month.php sql injectionEPSS 0.5%CVE-2025-3142MEDIUMSourceCodester Apartment Visitor Management System add-apartment.php sql injectionEPSS 0.5%CVE-2025-5401MEDIUMchaitak-gorai Blogbook GET Parameter post.php sql injectionEPSS 0.5%CVE-2025-3347MEDIUMcode-projects Patient Record Management System dental_pending.php sql injectionEPSS 0.5%CVE-2025-8500MEDIUMcode-projects Human Resource Integrated System action.php sql injectionEPSS 0.5%CVE-2025-3134MEDIUMcode-projects Payroll Management System add_overtime.php sql injectionEPSS 0.5%CVE-2024-6041MEDIUMitsourcecode Gym Management System manage_user.php sql injectionEPSS 0.5%CVE-2025-25994HIGHSQL Injection vulnerability in FeMiner wms wms 1.0 allows a remote attacker to obtain sensitive information via the parameters date1, date2,EPSS 0.5%