CWE-89

High likelihood

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Parent: CWE-943 - Improper Neutralization of Special Elements in Data Query Logic

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

19,634 vulnerabilities with CWE-89
CVE-2025-3348 MEDIUM
Patient Record Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-3347 MEDIUM
Patient Record Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-3345 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3344 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-30473 HIGH
Apache Airflow Common SQL Provider - SQL Injection
CVSS 8.8
CVE-2025-3343 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3342 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3341 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3340 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3339 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3338 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3337 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3336 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3335 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3334 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3333 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3332 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3331 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3330 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3323 MEDIUM
godcheese Nimrod 0.8 - SQL Injection via ViewMenuCategoryRestController searchAllByName Function
CVSS 6.3
CVE-2025-3318 MEDIUM
Kenj_Frog company-financial-management 1.0 - SQL Injection via ShangpinleixingController sort Parameter
CVSS 6.3
CVE-2025-3316 HIGH
PHPGurukul Men Salon Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3315 HIGH
SourceCodester Apartment Visitor Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3314 HIGH
SourceCodester Apartment Visitor Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3313 HIGH
PHPGurukul Men Salon Management System 1.0 - SQL Injection
CVSS 7.3
Details
Vulnerabilities: 19,634
Exploit Likelihood: High