CWE-89
High likelihood
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,581 vulnerabilities with CWE-89
CVE-2025-8233
HIGH
Online Ordering System 1.0 - SQL Injection via /admin/user.php un Parameter
CVSS 7.3
CVE-2025-8232
HIGH
Online Ordering System 1.0 - SQL Injection via /admin/delete_user.php ID Parameter
CVSS 7.3
CVE-2025-8230
MEDIUM
Campcodes Courier Management System 1.0 - SQL Injection via ID Parameter in manage_user.php
CVSS 6.3
CVE-2025-8229
MEDIUM
Campcodes Courier Management System 1.0 - SQL Injection via Parcel List Search Parameter
CVSS 6.3
CVE-2025-8220
HIGH
Engeman Web < 12.0.0.1 - SQL Injection via LanguageCombobox Cookie Parameter
CVSS 7.3
CVE-2025-8219
MEDIUM
Lingdang CRM < 8.6.5.2 - SQL Injection via getvaluestring Parameter
CVSS 6.3
CVE-2025-8203
MEDIUM
Jingmen Zeyou Large File Upload Control < 6.3 - SQL Injection via ID Parameter in /index.jsp
CVSS 6.3
CVE-2025-8190
MEDIUM
Campcodes Courier Management System 1.0 - SQL Injection via /print_pdets.php ids Parameter
CVSS 6.3
CVE-2025-8189
MEDIUM
Campcodes Courier Management System 1.0 - SQL Injection via /edit_user.php ID Parameter
CVSS 6.3
CVE-2025-8188
MEDIUM
Campcodes Courier Management System 1.0 - SQL Injection via /edit_staff.php ID Parameter
CVSS 6.3
CVE-2025-8187
MEDIUM
Campcodes Courier Management System 1.0 - SQL Injection via /edit_parcel.php ID Parameter
CVSS 6.3
CVE-2025-8186
MEDIUM
Campcodes Courier Management System 1.0 - SQL Injection via /edit_branch.php ID Parameter
CVSS 6.3
CVE-2025-8185
HIGH
1000 Projects ABC Courier Management System 1.0 - SQL Injection via /getbyid.php ID Parameter
CVSS 7.3
CVE-2025-8179
HIGH
PHPGurukul Local Services Search Engine Management System 2.1 - SQL Injection via editid Parameter
CVSS 7.3
CVE-2025-8173
HIGH
1000 Projects ABC Courier Management System 1.0 - SQL Injection via reciver_name Parameter
CVSS 7.3
CVE-2025-8172
MEDIUM
itsourcecode Employee Management System 1.0 - SQL Injection via Username Parameter
CVSS 6.3
CVE-2025-8166
HIGH
Church Donation System 1.0 - SQL Injection via Username Parameter in Admin Login
CVSS 7.3
CVE-2025-8165
MEDIUM
Food Review System 1.0 - SQL Injection via /admin/approve_reservation.php Occasion Parameter
CVSS 6.3
CVE-2025-8164
MEDIUM
Public Chat Room 1.0 - SQL Injection via send_message.php ID Parameter
CVSS 6.3
CVE-2025-8163
MEDIUM
deer-wms-2 < 3.3 - SQL Injection via params[dataScope]
CVSS 6.3
CVE-2025-8162
MEDIUM
deer-wms-2 < 3.3 - SQL Injection via params[dataScope]
CVSS 6.3
CVE-2025-8161
MEDIUM
deer-wms-2 < 3.3 - SQL Injection via /system/role/export params[dataScope]
CVSS 6.3
CVE-2025-34136
MEDIUM
Commvault <11.32.93-11.38.19 - SQL Injection
CVE-2025-44608
MEDIUM
CloudClassroom-PHP Project 1.0 - SQL Injection via viewid Parameter
CVSS 6.5
CVE-2025-8158
MEDIUM
PHPGurukul Login and User Management System 3.3 - SQL Injection via ID Parameter in /admin/yesterday-reg-users.php
CVSS 6.3
Details
Vulnerabilities: 19,581
Exploit Likelihood: High