CWE-89

High likelihood

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Parent: CWE-943 - Improper Neutralization of Special Elements in Data Query Logic

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

19,636 vulnerabilities with CWE-89
CVE-2025-2661 HIGH
Project Worlds Online Time Table Generator 1.0 - SQL Injection
CVSS 7.3
CVE-2025-2660 HIGH
Project Worlds Online Time Table Generator 1.0 - SQL Injection
CVSS 7.3
CVE-2025-2659 HIGH
Project Worlds Online Time Table Generator 1.0 - SQL Injection
CVSS 7.3
CVE-2025-2658 HIGH
PHPGurukul Online Security Guards Hiring System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-2657 HIGH
Apartment Visitors Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-2656 HIGH
PHPGurukul Zoo Management System 2.1 - SQL Injection
CVSS 7.3
CVE-2025-2655 HIGH
SourceCodester AC Repair and Services System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-2654 HIGH
SourceCodester AC Repair and Services System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-2649 HIGH
PHPGurukul Doctor Appointment Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-2648 HIGH
PHPGurukul Art Gallery Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-2647 HIGH
PHPGurukul Art Gallery Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-2646 HIGH
PHPGurukul Art Gallery Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-2644 HIGH
PHPGurukul Art Gallery Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-2643 HIGH
PHPGurukul Art Gallery Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-2642 HIGH
PHPGurukul Art Gallery Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-1446 CRITICAL
Pods WordPress Plugin < 3.2.8.2 - Authenticated SQL Injection
CVSS 9.8
CVE-2025-2641 HIGH
PHPGurukul Art Gallery Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-2640 HIGH
PHPGurukul Doctor Appointment Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-2628 MEDIUM
PHPGurukul Art Gallery Management System 1.1 - SQL Injection
CVSS 6.3
CVE-2025-2627 MEDIUM
PHPGurukul Art Gallery Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-2626 MEDIUM
SourceCodester Kortex Lite Advocate Office Management System 1.0 - SQL Injection via edit_case.php ID Parameter
CVSS 6.3
CVE-2025-2625 MEDIUM
westboy CicadasCMS 1.0 - SQL Injection
CVSS 6.3
CVE-2025-2624 MEDIUM
westboy CicadasCMS 1.0 - SQL Injection
CVSS 6.3
CVE-2025-2186 HIGH
Recover WooCommerce Cart Abandonment - SQL Injection
CVSS 7.5
CVE-2025-2478 MEDIUM
Code Clone <= 0.9 - Authenticated Time-Based SQL Injection via snippetId Parameter
CVSS 4.9