CWE-89
High likelihood
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,623 vulnerabilities with CWE-89
CVE-2025-25403
CRITICAL
Slims 9 Bulian V9.6.1 - SQL Injection
CVSS 9.8
CVE-2025-4060
HIGH
PHPGurukul Notice Board System 1.0 - SQL Injection via catname Parameter
CVSS 7.3
CVE-2025-4058
HIGH
Projectworlds Online Examination System 1.0 - SQL Injection via Pat_BloodGroup1 Parameter
CVSS 7.3
CVE-2025-4039
HIGH
PHPGurukul Rail Pass Management System 1.0 - SQL Injection via searchdata Parameter
CVSS 7.3
CVE-2025-4034
HIGH
projectworlds Online Examination System 1.0 - SQL Injection via Doc_ID Parameter
CVSS 7.3
CVE-2025-4033
HIGH
PHPGurukul Nipah Virus Testing Management System 1.0 - SQL Injection via Patient Search Report Parameter
CVSS 7.3
CVE-2025-4031
HIGH
PHPGurukul Pre-School Enrollment System 1.0 - SQL Injection via pagetitle Parameter
CVSS 7.3
CVE-2025-4030
HIGH
PHPGurukul COVID19 Testing Management System 1.0 - SQL Injection via Search Report Result Parameter
CVSS 7.3
CVE-2025-4028
HIGH
PHPGurukul COVID19 Testing Management System 1.0 - SQL Injection via Profile Mobile Number Parameter
CVSS 7.3
CVE-2025-4027
HIGH
PHPGurukul Old Age Home Management System 1.0 - SQL Injection via pagetitle Parameter
CVSS 7.3
CVE-2025-4026
HIGH
PHPGurukul Nipah Virus Testing Management System 1.0 - SQL Injection via Profile Adminname or Mobilenumber Parameter
CVSS 7.3
CVE-2025-4025
HIGH
Placement Management System 1.0 - SQL Injection via Name Parameter in registration.php
CVSS 7.3
CVE-2025-4024
HIGH
Placement Management System 1.0 - SQL Injection via drive_title Parameter
CVSS 7.3
CVE-2025-4023
HIGH
Placement Management System 1.0 - SQL Injection via Name Parameter in add_company.php
CVSS 7.3
CVE-2025-4021
MEDIUM
code-projects Patient Record Management System 1.0 - SQL Injection via ID Parameter in /edit_spatient.php
CVSS 6.3
CVE-2025-4020
HIGH
PHPGurukul Old Age Home Management System 1.0 - SQL Injection via contact.php fname Parameter
CVSS 7.3
CVE-2025-4014
HIGH
PHPGurukul Art Gallery Management System 1.0 - SQL Injection via /admin/manage-art-medium.php artmed Parameter
CVSS 7.3
CVE-2025-4013
HIGH
PHPGurukul Art Gallery Management System 1.0 - SQL Injection via pagetitle Parameter
CVSS 7.3
CVE-2025-4005
HIGH
PHPGurukul COVID19 Testing Management System 1.0 - SQL Injection via Patient Report Search Parameter
CVSS 7.3
CVE-2025-4004
HIGH
PHPGurukul COVID19 Testing Management System 1.0 - SQL Injection via Password Recovery Username/Contact Parameter
CVSS 7.3
CVE-2025-3998
HIGH
CodeAstro Membership Mgmt 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3976
HIGH
PHPGurukul COVID19 Testing Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3974
HIGH
PHPGurukul COVID19 Testing Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3973
HIGH
PHPGurukul COVID19 Testing Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3972
HIGH
PHPGurukul COVID19 Testing Management System 1.0 - SQL Injection
CVSS 7.3
Details
Vulnerabilities: 19,623
Exploit Likelihood: High