CWE-89
High likelihood
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,572 vulnerabilities with CWE-89
CVE-2025-10811
HIGH
Hostel Management System 1.0 - SQL Injection via ID Parameter in mod_comments
CVSS 7.3
CVE-2025-10810
HIGH
Campcodes Online Learning Management System 1.0 - SQL Injection via Firstname Parameter in Edit User
CVSS 7.3
CVE-2025-55885
MEDIUM
ARD GEC en Ligne < 2025-04-23 - SQL Injection via GET Parameters in index.php
CVSS 6.3
CVE-2025-10809
HIGH
Campcodes Online Learning Management System 1.0 - SQL Injection via /admin/department.php d Parameter
CVSS 7.3
CVE-2025-10808
HIGH
Campcodes Farm Management System 1.0 - SQL Injection via /uploadProduct.php Type Parameter
CVSS 7.3
CVE-2025-10807
MEDIUM
Campcodes Online Beauty Parlor Management System 1.0 - SQL Injection via editid Parameter
CVSS 6.3
CVE-2025-10806
MEDIUM
Campcodes Online Beauty Parlor Management System 1.0 - SQL Injection via fromdate/todate Parameter
CVSS 6.3
CVE-2025-10805
MEDIUM
Campcodes Online Beauty Parlor Management System 1.0 - SQL Injection via add-services.php sername Parameter
CVSS 6.3
CVE-2025-10804
MEDIUM
Campcodes Online Beauty Parlor Management System 1.0 - SQL Injection via mobilenum Parameter in add-customer.php
CVSS 6.3
CVE-2025-10802
HIGH
Online Bidding System 1.0 - SQL Injection via ID Parameter in remove.php
CVSS 7.3
CVE-2025-56075
MEDIUM
PHPGurukul Park Ticketing Mgmt <2.0 - SQL Injection
CVSS 5.4
CVE-2025-56074
CRITICAL
PHPGurukul Park Ticketing Mgmt <2.0 - SQL Injection
CVSS 9.8
CVE-2025-10801
HIGH
Pet Grooming Management Software 1.0 - SQL Injection via /admin/edit_tax.php ID Parameter
CVSS 7.3
CVE-2025-10800
HIGH
itsourcecode Online Discussion Forum 1.0 - SQL Injection via Email/Password Parameter
CVSS 7.3
CVE-2025-10799
HIGH
Hostel Management System 1.0 - SQL Injection via ID Parameter in Reservation View
CVSS 7.3
CVE-2025-10798
HIGH
Hostel Management System 1.0 - SQL Injection via ID Parameter in mod_roomtype
CVSS 7.3
CVE-2025-10797
HIGH
Hostel Management System 1.0 - SQL Injection via log_email Parameter
CVSS 7.3
CVE-2025-10796
HIGH
Hostel Management System 1.0 - SQL Injection via Email Parameter in Admin Login
CVSS 7.3
CVE-2025-10795
HIGH
Online Bidding System 1.0 - SQL Injection via bidupdate.php ID Parameter
CVSS 7.3
CVE-2025-10793
HIGH
E-Commerce Website 1.0 - SQL Injection via user_id Parameter in admin_account_delete.php
CVSS 7.3
CVE-2025-10791
HIGH
Online Bidding System 1.0 - SQL Injection via aduser Parameter
CVSS 7.3
CVE-2025-10790
MEDIUM
SourceCodester Simple Forum Discussion System 1.0 - SQL Injection via Description Parameter in save_category Action
CVSS 6.3
CVE-2025-10789
HIGH
Online Hotel Reservation System 1.0 - SQL Injection via deleteslide.php ID Parameter
CVSS 7.3
CVE-2025-10788
HIGH
Online Hotel Reservation System 1.0 - SQL Injection via deleteroominventory.php ID Parameter
CVSS 7.3
CVE-2025-10786
HIGH
Campcodes Grocery Sales and Inventory System 1.0 - SQL Injection via /ajax.php ID Parameter
CVSS 7.3
Details
Vulnerabilities: 19,572
Exploit Likelihood: High