CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,581 vulnerabilities with CWE-89
CVE-2025-8264
CRITICAL
z-push-dev < 2.7.6 - SQL Injection via IMAP Username Field
CVSS 9.0
CVE-2025-6495
HIGH
Bricks theme <1.12.4 - SQL Injection
CVSS 7.5
CVE-2025-8274
HIGH
Campcodes Online Recruitment Management System 1.0 - SQL Injection via ID Parameter in /admin/ajax.php
CVSS 7.3
CVE-2025-8273
HIGH
code-projects Exam Form Submission 1.0 - SQL Injection via credits Parameter in /admin/update_s8.php
CVSS 7.3
CVE-2025-8272
HIGH
code-projects Exam Form Submission 1.0 - SQL Injection via /admin/update_fst.php Credits Parameter
CVSS 7.3
CVE-2025-6918
CRITICAL
Ncvav Virtual PBX <09.07.2025 - SQL Injection
CVSS 9.8
CVE-2025-8271
HIGH
code-projects Exam Form Submission 1.0 - SQL Injection via /admin/delete_s3.php ID Parameter
CVSS 7.3
CVE-2025-8270
HIGH
code-projects Exam Form Submission 1.0 - SQL Injection via /admin/delete_s2.php ID Parameter
CVSS 7.3
CVE-2025-8269
HIGH
code-projects Exam Form Submission 1.0 - SQL Injection via /admin/delete_s1.php ID Parameter
CVSS 7.3
CVE-2025-8254
MEDIUM
Campcodes Courier Management System 1.0 - SQL Injection via ID Parameter in view_parcel.php
CVSS 6.3
CVE-2025-8253
HIGH
code-projects Exam Form Submission 1.0 - SQL Injection via /admin/delete_s6.php ID Parameter
CVSS 7.3
CVE-2025-8252
HIGH
code-projects Exam Form Submission 1.0 - SQL Injection via /admin/delete_s5.php ID Parameter
CVSS 7.3
CVE-2025-8251
HIGH
code-projects Exam Form Submission 1.0 - SQL Injection via /admin/delete_s4.php ID Parameter
CVSS 7.3
CVE-2025-8250
HIGH
code-projects Exam Form Submission 1.0 - SQL Injection via credits Parameter
CVSS 7.3
CVE-2025-8249
HIGH
code-projects Exam Form Submission 1.0 - SQL Injection via /admin/update_s3.php Credits Parameter
CVSS 7.3
CVE-2025-8248
HIGH
Online Ordering System 1.0 - SQL Injection via Firstname Parameter in Signup
CVSS 7.3
CVE-2025-8247
MEDIUM
Projectworlds Online Admission System 1.0 - SQL Injection via /admin.php markof Parameter
CVSS 6.3
CVE-2025-8241
HIGH
1000projects ABC Courier Management System 1.0 - SQL Injection via From Parameter in report.php
CVSS 7.3
CVE-2025-8240
HIGH
code-projects Exam Form Submission 1.0 - SQL Injection via Phone Parameter
CVSS 7.3
CVE-2025-8239
HIGH
code-projects Exam Form Submission 1.0 - SQL Injection via Email Parameter
CVSS 7.3
CVE-2025-8238
HIGH
code-projects Exam Form Submission 1.0 - SQL Injection via /admin/update_s2.php Credits Parameter
CVSS 7.3
CVE-2025-8237
HIGH
code-projects Exam Form Submission 1.0 - SQL Injection via /admin/update_s1.php Credits Parameter
CVSS 7.3
CVE-2025-8236
HIGH
Online Ordering System 1.0 - SQL Injection via Name Parameter in Edit Product
CVSS 7.3
CVE-2025-8235
HIGH
Online Ordering System 1.0 - SQL Injection via Name Parameter in Product Admin Page
CVSS 7.3
CVE-2025-8234
HIGH
Online Ordering System 1.0 - SQL Injection via /admin/delete_member.php ID Parameter
CVSS 7.3
Details
Vulnerabilities
19,581
Exploit Likelihood
High