Falhas do tipo CWE-89
11.610 resultadosCVE-2024-13496HIGHGamiPress <= 7.3.1 - Unauthenticated SQL Injection via orderby ParameterEPSS 2.2%CVE-2024-1301CRITICALMultiple Vulnerabilities in Badger Meter's MonitoolEPSS 2.2%CVE-2020-36857HIGHNagios XI < 5.6.14 Authenticated SQL Injection via SNMP Trap Interface PageEPSS 2.2%CVE-2023-22794—A vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed tEPSS 2.2%CVE-2024-21791MEDIUMSQL Injection in ADAudit PlusEPSS 2.2%CVE-2024-32843CRITICALAn unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin pEPSS 2.1%CVE-2024-32842CRITICALAn unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin pEPSS 2.1%CVE-2024-32846CRITICALAn unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin pEPSS 2.1%CVE-2024-6814HIGHNETGEAR ProSAFE Network Management System getFilterString SQL Injection Remote Code Execution VulnerabilityEPSS 2.1%CVE-2025-5287HIGHLikes and Dislikes Plugin <= 1.0.0 - Unauthenticated SQL InjectionEPSS 2.1%CVE-2025-9977MEDIUMImproper neutralization of input in Times Software E-PAYROLLEPSS 2.1%CVE-2024-39843MEDIUMA SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command via create user EPSS 2.1%CVE-2025-67644HIGHLangGraph SQLite Checkpoint is vulnerable to SQL Injection via metadata filter key in checkpointer list methodEPSS 2.1%CVE-2024-9459HIGHSQL InjectionEPSS 2.1%CVE-2021-36880HIGHWordPress uListing plugin <= 2.0.3 - Unauthenticated SQL Injection (SQLi) vulnerabilityEPSS 2.1%CVE-2022-46764CRITICALA SQL injection issue in the web API in TrueConf Server 5.2.0.10225 (fixed in 5.2.6.10025) allows remote unauthenticated attackers to executEPSS 2.1%CVE-2023-50839CRITICALWordPress JS Help Desk – Best Help Desk & Support Plugin <= 2.8.1 is vulnerable to SQL InjectionEPSS 2.0%CVE-2025-47178HIGHMicrosoft Configuration Manager Remote Code Execution VulnerabilityEPSS 2.0%CVE-2014-2376—Ecava IntegraXor SCADA Server SQL InjectionEPSS 2.0%CVE-2019-5454—SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiringEPSS 2.0%