CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,623 vulnerabilities with CWE-89
CVE-2025-4303
HIGH
PHPGurukul Human Metapneumovirus Testing Management System 1.0 - SQL Injection via empid Parameter
CVSS 7.3
CVE-2025-4301
HIGH
itsourcecode Content Management System 1.0 - SQL Injection via searchdata Parameter in search-notice.php
CVSS 7.3
CVE-2025-4300
HIGH
itsourcecode Content Management System 1.0 - SQL Injection via Search Parameter in search_list.php
CVSS 7.3
CVE-2025-4297
HIGH
PHPGurukul Men Salon Management System 2.0 - SQL Injection
CVSS 7.3
CVE-2025-44074
CRITICAL
SeaCMS v13.3 - SQL Injection via admin_topic.php
CVSS 9.8
CVE-2025-44072
CRITICAL
SeaCMS v13.3 - SQL Injection via admin_manager.php
CVSS 9.8
CVE-2025-4283
HIGH
SourceCodester/oretnom23 Stock Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-45240
MEDIUM
foxcms v1.2.5 - SQL Injection via DataBackup.php executeCommand Method
CVSS 6.5
CVE-2025-45322
HIGH
kashipara Online Service Management Portal V1.0 - SQL Injection via CheckStatus checkid Parameter
CVSS 8.8
CVE-2025-45321
HIGH
kashipara Online Service Management Portal V1.0 - SQL Injection via rPassword Parameter
CVSS 8.8
CVE-2025-26241
MEDIUM
osTicket <=1.17.5 - Authenticated SQL Injection via Search Keywords and Topic ID
CVSS 6.5
CVE-2025-4267
MEDIUM
SourceCodester/oretnom23 Stock Management System 1.0 - SQL Injection
CVSS 4.7
CVE-2025-4266
HIGH
PHPGurukul Notice Board System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-4265
HIGH
PHPGurukul Emergency Ambulance Hiring Portal 1.0 - SQL Injection
CVSS 7.3
CVE-2025-4264
HIGH
PHPGurukul Emergency Ambulance Hiring Portal 1.0 - SQL Injection
CVSS 7.3
CVE-2025-4263
HIGH
PHPGurukul Online DJ Booking Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-4262
HIGH
PHPGurukul Online DJ Booking Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-4250
HIGH
Nero Social Networking Site 1.0 - SQL Injection
CVSS 7.3
CVE-2025-4249
HIGH
PHPGurukul e-Diary Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-4248
MEDIUM
SourceCodester Simple To-Do List System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-4247
MEDIUM
SourceCodester Simple To-Do List System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-4244
MEDIUM
code-projects Online Bus Reservation System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-4243
MEDIUM
code-projects Online Bus Reservation System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-4242
HIGH
PHPGurukul Online Birth Certificate System 2.0 - SQL Injection
CVSS 7.3
CVE-2025-4241
HIGH
PHPGurukul Teacher Subject Allocation Management System 1.0 - SQL I...
CVSS 7.3
Details
Vulnerabilities
19,623
Exploit Likelihood
High