CWE-89
High likelihood
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,634 vulnerabilities with CWE-89
CVE-2025-3312
HIGH
PHPGurukul Men Salon Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3311
HIGH
PHPGurukul Men Salon Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3310
HIGH
Blood Bank Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3309
HIGH
Blood Bank Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-1264
MEDIUM
Broken Link Checker by AIOSEO < 1.2.3 - Authenticated SQL Injection via orderBy Parameter
CVSS 6.5
CVE-2025-3308
HIGH
Blood Bank Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3307
HIGH
Blood Bank Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3306
HIGH
Blood Bank Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3304
MEDIUM
code-projects Patient Record Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-3303
MEDIUM
code-projects Patient Record Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-3299
HIGH
PHPGurukul Men Salon Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3296
MEDIUM
SourceCodester Online Eyewear Shop 1.0 - SQL Injection
CVSS 6.3
CVE-2025-3267
MEDIUM
qinguoyi TinyWebServer <1.0 - SQL Injection
CVSS 6.3
CVE-2025-3265
HIGH
PHPGurukul e-Diary Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3258
HIGH
PHPGurukul Old Age Home Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-32204
HIGH
rocketelements Split Test For Elementor <1.8.2 - SQL Injection
CVSS 7.6
CVE-2025-32203
HIGH
manu225 Falling things <1.08 - SQL Injection
CVSS 7.6
CVE-2025-32149
HIGH
teachPress <= 9.0.11 - SQL Injection
CVSS 8.5
CVE-2025-32148
HIGH
Daisycon prijsvergelijkers <4.8.4 - SQL Injection
CVSS 8.5
CVE-2025-32127
HIGH
onOffice for WP-Websites - SQL Injection
CVSS 7.6
CVE-2025-32126
HIGH
cmsMinds Pay with Contact Form 7 <1.0.4 - SQL Injection
CVSS 7.6
CVE-2025-32125
HIGH
Silvasoft boekhouden <3.0.1 - SQL Injection
CVSS 7.6
CVE-2025-32124
HIGH
eleopard Behance Portfolio Manager <1.7.4 - SQL Injection
CVSS 7.6
CVE-2025-32122
HIGH
Stylemix uListing <2.1.9 - SQL Injection
CVSS 7.6
CVE-2025-32121
HIGH
SuitePlugins Video & Photo Gallery <1.1.3 - SQL Injection
CVSS 7.6
Details
Vulnerabilities: 19,634
Exploit Likelihood: High