CWE-89
High likelihood
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,634 vulnerabilities with CWE-89
CVE-2025-32120
HIGH
Erick Danzer Easy Query - SQL Injection
CVSS 7.6
CVE-2025-31403
CRITICAL
shiptrack Booking Calendar & Notification <4.0.3 - SQL Injection
CVSS 9.3
CVE-2025-3245
MEDIUM
itsourcecode Library Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-3243
MEDIUM
code-projects Patient Record Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-3242
MEDIUM
PHPGurukul e-Diary Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-3240
HIGH
PHPGurukul Online Fire Reporting System 1.2 - SQL Injection
CVSS 7.3
CVE-2025-3239
HIGH
PHPGurukul Online Fire Reporting System 1.2 - SQL Injection
CVSS 7.3
CVE-2025-3238
HIGH
PHPGurukul Online Fire Reporting System 1.2 - SQL Injection
CVSS 7.3
CVE-2025-3235
MEDIUM
PHPGurukul Old Age Home Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-3231
HIGH
PHPGurukul Zoo Management System 2.1 - SQL Injection
CVSS 7.3
CVE-2025-3229
MEDIUM
PHPGurukul Restaurant Table Booking System 1.0 - SQL Injection
CVSS 4.7
CVE-2025-3220
HIGH
PHPGurukul e-Diary Management System 1.0 - SQL Injection via Category Parameter
CVSS 7.3
CVE-2025-3217
HIGH
PHPGurukul e-Diary Management System 1.0 - SQL Injection via Registration Email Parameter
CVSS 7.3
CVE-2025-3216
HIGH
PHPGurukul e-Diary Management System 1.0 - SQL Injection via Username/Contactno Parameter
CVSS 7.3
CVE-2025-3215
MEDIUM
PHPGurukul Restaurant Table Booking System 1.0 - SQL Injection via fullname Parameter
CVSS 6.3
CVE-2025-3213
HIGH
PHPGurukul e-Diary Management System 1.0 - SQL Injection via Remark Parameter
CVSS 7.3
CVE-2025-3211
MEDIUM
Patient Record Management System 1.0 - SQL Injection via itr_no/birth_id Parameter in birthing_print.php
CVSS 6.3
CVE-2025-2317
HIGH
Product Filter by WBW <2.7.9 - SQL Injection
CVSS 7.5
CVE-2025-3210
MEDIUM
code-projects Patient Record Management System 1.0 - SQL Injection via birth_id Parameter
CVSS 6.3
CVE-2025-3209
MEDIUM
Patient Record Management System 1.0 - SQL Injection via itr_no Parameter in add_patient.php
CVSS 6.3
CVE-2025-3208
MEDIUM
code-projects Patient Record Management System 1.0 - SQL Injection via itr_no Parameter in xray_print.php
CVSS 6.3
CVE-2025-3207
MEDIUM
code-projects Patient Record Management System 1.0 - SQL Injection via birth_id Parameter
CVSS 6.3
CVE-2025-3206
MEDIUM
code-projects Hospital Management System 1.0 - SQL Injection via doctorspecilization Parameter
CVSS 6.3
CVE-2025-3205
MEDIUM
CodeAstro Student Grading System 1.0 - SQL Injection via studentId Parameter
CVSS 6.3
CVE-2025-3204
MEDIUM
CodeAstro Car Rental System 1.0 - SQL Injection via /returncar.php ID Parameter
CVSS 6.3
Details
Vulnerabilities: 19,634
Exploit Likelihood: High