CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,654 vulnerabilities with CWE-89
CVE-2024-55980
CRITICAL
Webriderz Wr Age Verification <2.0.0 - SQL Injection
CVSS 9.3
CVE-2024-55979
HIGH
Webriderz Wr Age Verification <2.0.0 - SQL Injection
CVSS 8.5
CVE-2024-55978
CRITICAL
WalletStation.com Code Generator Pro - SQL Injection
CVSS 9.3
CVE-2024-55977
CRITICAL
LaunchPage.app Importer <1.1 - SQL Injection
CVSS 9.3
CVE-2024-55976
CRITICAL
Mike Leembruggen Critical Site Intel <1.0 - SQL Injection
CVSS 9.3
CVE-2024-55974
HIGH
AMS Nexe Iberica Mimoos <1.2 - SQL Injection
CVSS 8.5
CVE-2024-55973
HIGH
Ryan Nystrom TSB Occasion Editor <1.2.1 - SQL Injection
CVSS 8.5
CVE-2024-55972
CRITICAL
eTemplates <= 0.2.1 - SQL Injection
CVSS 9.3
CVE-2024-54361
CRITICAL
outstrip Instant Appointment <1.2 - SQL Injection
CVSS 9.3
CVE-2024-9678
MEDIUM
DLP Extension <11.11.1.3 - SQL Injection
CVSS 4.9
CVE-2024-31892
HIGH
IBM Storage Scale GUI <5.2.1.1 - Privilege Escalation
CVSS 7.5
CVE-2024-11714
MEDIUM
WP Job Portal <2.2.2 - SQL Injection
CVSS 4.9
CVE-2024-11713
MEDIUM
WP Job Portal < 2.2.3 - Authenticated SQL Injection via page_id Parameter
CVSS 4.9
CVE-2024-11711
HIGH
WP Job Portal <2.2.1 - SQL Injection
CVSS 7.5
CVE-2024-11710
MEDIUM
WP Job Portal < 2.2.3 - Authenticated SQL Injection via fieldfor, visibleParent, and id Parameters
CVSS 4.9
CVE-2024-54304
HIGH
Hive Support - WordPress Help Desk <1.1.2 - SQL Injection
CVSS 8.5
CVE-2024-54292
CRITICAL
Appsplate <= 2.1.3 - SQL Injection
CVSS 9.3
CVE-2024-54261
CRITICAL
HK Digital Agency LLC TAX SERVICE Electronic HDM - SQL Injection
CVSS 10.0
CVE-2024-54258
HIGH
anza Ni CRM Lead <1.3.0 - SQL Injection
CVSS 8.5
CVE-2024-54234
CRITICAL
wp-buy Limit Login Attempts <5.5 - SQL Injection
CVSS 9.3
CVE-2024-52057
CRITICAL
RTI Connext Professional - SQL Injection
CVSS 9.8
CVE-2024-11837
CRITICAL
PlexTrac 1.61.3-2.8.1 - N1QL Injection
CVSS 9.8
CVE-2024-54811
CRITICAL
PHPGurukul Park Ticketing Management System 1.0 - SQL Injection via Login Parameter
CVSS 9.8
CVE-2024-54810
CRITICAL
PHPGurukul Pre-School Enrollment System 1.0 - SQL Injection via mobileno Parameter
CVSS 9.8
CVE-2024-55099
CRITICAL
phpgurukul Online Nurse Hiring System v1.0 - SQL Injection via Username Parameter
CVSS 9.8
Details
Vulnerabilities
19,654
Exploit Likelihood
High