CWE-89
High likelihood
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,636 vulnerabilities with CWE-89
CVE-2025-2039
MEDIUM
code-projects Blood Bank Management System 1.0 - SQL Injection via member_id Parameter
CVSS 4.7
CVE-2025-2037
MEDIUM
code-projects Blood Bank Management System 1.0 - SQL Injection via requester_id Parameter
CVSS 6.3
CVE-2025-2036
MEDIUM
s-a-zhd Ecommerce-Website-using-PHP 1.0 - SQL Injection via details.php pro_id Parameter
CVSS 6.3
CVE-2025-2034
HIGH
PHPGurukul Pre-School Enrollment System 1.0 - SQL Injection via classname/capacity/classtiming Parameters
CVSS 7.3
CVE-2025-2033
MEDIUM
code-projects Blood Bank Management System 1.0 - SQL Injection via donor_id Parameter
CVSS 6.3
CVE-2025-2030
HIGH
Seeyon Zhiyuan Interconnect FE Collaborative Office Platform <20250...
CVSS 7.3
CVE-2025-22212
LOW
Convert Forms <4.4.9 - SQL Injection
CVSS 2.7
CVE-2025-1702
HIGH
Ultimate Member <2.10.0 - SQL Injection
CVSS 7.5
CVE-2025-27659
CRITICAL
Vasion Print < 20.0.1923 and Virtual Appliance < 22.0.843 - SQL Injection
CVSS 9.8
CVE-2025-27640
CRITICAL
Vasion Print < 20.0.2614 and Virtual Appliance < 22.0.1002 - SQL Injection
CVSS 9.8
CVE-2025-1966
HIGH
PHPGurukul Pre-School Enrollment System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-1965
HIGH
projectworlds Online Hotel Booking 1.0 - SQL Injection
CVSS 7.3
CVE-2025-1964
HIGH
projectworlds Online Hotel Booking 1.0 - SQL Injection
CVSS 7.3
CVE-2025-1963
HIGH
projectworlds Online Hotel Booking 1.0 - SQL Injection
CVSS 7.3
CVE-2025-1962
HIGH
projectworlds Online Hotel Booking 1.0 - SQL Injection
CVSS 7.3
CVE-2025-1961
MEDIUM
SourceCodester Best Church Management Software 1.1 - SQL Injection
CVSS 6.3
CVE-2025-1959
HIGH
Codezips Gym Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-25426
HIGH
yshopmall <= 1.9.0 - SQL Injection in Image Listing Interface
CVSS 7.2
CVE-2025-1958
MEDIUM
aaluoxiang oa_system 1.0 - SQL Injection
CVSS 6.3
CVE-2025-1956
HIGH
code-projects Shopping Portal 1.0 - SQL Injection
CVSS 7.3
CVE-2025-26136
CRITICAL
mysiteforme < 2025-01-01 - SQL Injection
CVSS 9.8
CVE-2025-1954
HIGH
Human Metapneumovirus Testing Management System 1.0 - SQL Injection via Login Username Parameter
CVSS 7.3
CVE-2025-1952
HIGH
PHPGurukul Restaurant Table Booking System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-1906
MEDIUM
PHPGurukul Restaurant Table Booking System 1.0 - SQL Injection
CVSS 4.7
CVE-2025-1903
HIGH
Codezips Online Shopping Website 1.0 - SQL Injection
CVSS 7.3
Details
Vulnerabilities: 19,636
Exploit Likelihood: High