CWE-89
High likelihood
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,654 vulnerabilities with CWE-89
CVE-2024-57632
HIGH
MonetDB Server v11.49.1 - Denial of Service via Crafted SQL Statements
CVSS 7.5
CVE-2024-57631
HIGH
MonetDB Server v11.49.1 - Denial of Service via Crafted SQL Statements in exp_ref Component
CVSS 7.5
CVE-2024-57630
HIGH
MonetDB v11.49.1 - Denial of Service via Crafted SQL Statements in exps_card Component
CVSS 7.5
CVE-2024-57629
HIGH
MonetDB Server 11.49.1 - Denial of Service via Crafted SQL Statements in tail_type Component
CVSS 7.5
CVE-2024-57628
HIGH
MonetDB Server 11.49.1 - Denial of Service via exp_values_set_supertype
CVSS 7.5
CVE-2024-57627
HIGH
MonetDB Server v11.49.1 - Denial of Service via Crafted SQL Statements
CVSS 7.5
CVE-2024-57626
HIGH
MonetDB Server v11.49.1 - Denial of Service via Crafted SQL Statements in mat_join2
CVSS 7.5
CVE-2024-57625
HIGH
MonetDB Server 11.49.1 - Denial of Service via merge_table_prune_and_unionize Component
CVSS 7.5
CVE-2024-57624
HIGH
MonetDB v11.49.1 - Denial of Service via Crafted SQL Statements
CVSS 7.5
CVE-2024-57622
HIGH
MonetDB Server 11.49.1 - Denial of Service via Crafted SQL Statements in exp_bin Component
CVSS 7.5
CVE-2024-57621
HIGH
MonetDB v11.47.11 - Denial of Service via GDKanalytical_correlation SQL Statements
CVSS 7.5
CVE-2024-57620
HIGH
MonetDB v11.47.11 - Denial of Service via trimchars Component
CVSS 7.5
CVE-2024-57619
HIGH
MonetDB Server 11.47.11 - Denial of Service via Crafted SQL Statements in atom_get_int
CVSS 7.5
CVE-2024-57617
HIGH
MonetDB Server 11.49.1 - Denial of Service via Crafted SQL Statements in dameraulevenshtein Component
CVSS 7.5
CVE-2024-57616
HIGH
MonetDB v11.47.11 - Denial of Service via vscanf Component
CVSS 7.5
CVE-2024-57615
HIGH
MonetDB Server v11.47.11 - Denial of Service via BATcalcbetween_intern
CVSS 7.5
CVE-2024-12404
HIGH
CF Internal Link Shortcode <1.1.0 - SQL Injection
CVSS 7.5
CVE-2024-9134
HIGH
Arista ng_firewall < 17.2 - Authenticated SQL Injection
CVSS 8.3
CVE-2024-12473
MEDIUM
AI Scribe - SEO AI Writer <2.3 - SQL Injection
CVSS 6.5
CVE-2024-54762
MEDIUM
ruoyi < 4.7.9 - Authenticated SQL Injection via filterKeyword Method
CVSS 6.3
CVE-2024-54761
MEDIUM
BigAnt Office Messenger 5.6.06 - SQL Injection via dev_code Parameter
CVSS 6.3
CVE-2024-12067
MEDIUM
WP Travel - Ultimate Travel Booking System, Tour Management Engine ...
CVSS 6.5
CVE-2024-13204
MEDIUM
kurniaramadhan E-Commerce-PHP 1.0 - SQL Injection
CVSS 5.5
CVE-2024-13194
MEDIUM
Sucms 1.0 - SQL Injection via /admin/admin_members.php uid Parameter
CVSS 6.3
CVE-2024-13193
MEDIUM
semcms < 4.8 - SQL Injection in Image Library Management Page
CVSS 6.3
Details
Vulnerabilities: 19,654
Exploit Likelihood: High