CWE-89

High likelihood

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Parent: CWE-943 - Improper Neutralization of Special Elements in Data Query Logic

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

19,572 vulnerabilities with CWE-89
CVE-2025-11102 HIGH
Campcodes Online Learning Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-11101 HIGH
iSourcecode Open Source Job Portal 1.0 - SQL Injection
CVSS 7.3
CVE-2025-11094 HIGH
Code-projects E-Commerce Website 1.0 - SQL Injection
CVSS 7.3
CVE-2025-11090 MEDIUM
isourcecode Open Source Job Portal 1.0 - SQL Injection
CVSS 6.3
CVE-2025-11089 HIGH
kidaze CourseSelectionSystem < 2017-06-18 - SQL Injection via cbranch Argument
CVSS 7.3
CVE-2025-11088 MEDIUM
itsourcecode Open Source Job Portal 1.0 - SQL Injection
CVSS 6.3
CVE-2025-11077 HIGH
Campcodes Online Learning Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-11076 HIGH
Campcodes Online Learning Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-11075 HIGH
Campcodes Online Learning Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-11074 HIGH
Code-Projects Project Monitoring System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-11071 MEDIUM
SeaCMS 13.3.20250820 - SQL Injection
CVSS 4.7
CVE-2025-11070 HIGH
Projectworlds Online Shopping System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-11066 HIGH
Code-projects Online Bidding System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-11064 HIGH
Campcodes Online Learning Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-11063 HIGH
Campcodes Online Learning Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-11062 HIGH
Campcodes Online Learning Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-11061 HIGH
Campcodes Online Learning Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-11057 HIGH
SourceCodester Pet Grooming Management Software 1.0 - SQL Injection
CVSS 7.3
CVE-2025-11056 MEDIUM
ProjectsAndPrograms School Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-11055 HIGH
SourceCodester Online Hotel Reservation System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-11054 MEDIUM
itsourcecode Open Source Job Portal 1.0 - SQL Injection
CVSS 6.3
CVE-2025-11053 HIGH
PHPGurukul Small CRM 4.0 - SQL Injection
CVSS 7.3
CVE-2025-11052 HIGH
kidaze CourseSelectionSystem 1.0/5 - SQL Injection
CVSS 7.3
CVE-2025-59939 HIGH
WeGIA < 3.5.0 - SQL Injection via control.php id_produto Parameter
CVSS 8.8
CVE-2025-11041 MEDIUM
itsourcecode Open Source Job Portal 1.0 - SQL Injection
CVSS 6.3
Details
Vulnerabilities 19,572
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits