CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,652 vulnerabilities with CWE-89
CVE-2025-22502
HIGH
MindValley Super PageMash <1.1 - SQL Injection
CVSS 7.6
CVE-2025-0298
MEDIUM
code-projects Online Book Shop 1.0 - SQL Injection
CVSS 6.3
CVE-2025-0297
MEDIUM
code-projects Online Book Shop 1.0 - SQL Injection
CVSS 6.3
CVE-2025-0296
MEDIUM
code-projects Online Book Shop 1.0 - SQL Injection
CVSS 6.3
CVE-2025-0294
MEDIUM
Home Clean Services Management System 1.0 - SQL Injection via process.php Type/Length/Business Parameter
CVSS 4.7
CVE-2025-22352
HIGH
ELEXtensions ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes - SQL Injection
CVSS 7.6
CVE-2025-22351
HIGH
PenguinArts Contact Form 7 Database - SQL Injection
CVSS 7.6
CVE-2025-22349
HIGH
Owen Cutajar & Hyder Jaffari WordPress Auction Plugin <3.7 - SQL In...
CVSS 7.6
CVE-2025-22348
HIGH
RTO GmbH DynamicTags <1.4.0 - SQL Injection
CVSS 8.5
CVE-2025-0233
HIGH
Codezips Project Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-0232
MEDIUM
Codezips Blood Bank Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-0231
MEDIUM
Codezips Gym Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-0230
MEDIUM
Responsive Hotel Site 1.0 - SQL Injection
CVSS 6.3
CVE-2025-0229
MEDIUM
Travel Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-0214
MEDIUM
TMD Custom Header Menu 4.0.0.1 - SQL Injection
CVSS 4.1
CVE-2025-0212
MEDIUM
Campcodes Student Grading System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-0210
HIGH
Campcodes School Faculty Scheduling System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-0208
MEDIUM
code-projects Online Shoe Store 1.0 - SQL Injection
CVSS 6.3
CVE-2025-0207
HIGH
code-projects Online Shoe Store 1.0 - SQL Injection
CVSS 7.3
CVE-2025-0205
MEDIUM
code-projects Online Shoe Store 1.0 - SQL Injection
CVSS 6.3
CVE-2025-0204
MEDIUM
code-projects Online Shoe Store 1.0 - SQL Injection
CVSS 6.3
CVE-2025-0203
MEDIUM
code-projects Student Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-0201
MEDIUM
Point of Sales and Inventory Management System 1.0 - SQL Injection via Username Parameter
CVSS 6.3
CVE-2025-0200
MEDIUM
Point of Sales and Inventory Management System 1.0 - SQL Injection via Search Parameter
CVSS 6.3
CVE-2025-0199
MEDIUM
Point of Sales and Inventory Management System 1.0 - SQL Injection via /user/minus_cart.php id Parameter
CVSS 6.3
Details
Vulnerabilities
19,652
Exploit Likelihood
High