CWE-89
High likelihood
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,654 vulnerabilities with CWE-89
CVE-2024-52474
CRITICAL
Express Payments Module <1.1.8 - SQL Injection
CVSS 9.3
CVE-2024-53603
HIGH
PHPGurukul COVID 19 Testing Management System 1.0 - SQL Injection via Contact Number Parameter
CVSS 7.3
CVE-2024-42327
CRITICAL
Zabbix 6.0.0-6.0.32 - Authenticated SQL Injection via CUser.addRelatedObjects
CVSS 9.9
CVE-2024-11009
MEDIUM
WordPress Auto internal links <1.2.1 - SQL Injection
CVSS 4.9
CVE-2024-11025
MEDIUM
SMA Sunny Central Storage < 10.01.18.R - Authenticated SQL Injection via Administration Panel
CVSS 5.4
CVE-2024-11819
HIGH
1000 Projects Portfolio Management System MCA 1.0 - SQL Injection
CVSS 7.3
CVE-2024-11818
HIGH
PHPGurukul User Registration & Login and User Management System 1.0 - SQL Injection via Email Parameter in Signup
CVSS 7.3
CVE-2024-11817
HIGH
PHPGurukul User Registration & Login and User Management System 1.0 - SQL Injection via Username Parameter
CVSS 7.3
CVE-2024-50942
CRITICAL
qiwen-file 1.4.0 - SQL Injection via NoticeMapper.xml
CVSS 9.8
CVE-2024-11744
HIGH
1000 Projects Portfolio Management System MCA 1.0 - SQL Injection
CVSS 7.3
CVE-2024-10570
HIGH
CleanTalk plugin <2.145 - SQL Injection
CVSS 7.5
CVE-2024-53597
MEDIUM
masterstack_imgcap <0.0.1 - SQL Injection
CVSS 6.3
CVE-2024-50672
CRITICAL
Adapt Learning Adapt Authoring Tool <= 0.11.3 - SQL Injection
CVSS 9.8
CVE-2024-45756
HIGH
Centreon centreon-open-tickets <24.10.0 - SQL Injection
CVSS 7.2
CVE-2024-45755
HIGH
Centreon centreon-dsm-server <24.10.0, <24.04.3, <23.10.1, <23.04.3...
CVSS 7.2
CVE-2024-11663
HIGH
Codezips E-Commerce Site 1.0 - SQL Injection
CVSS 7.3
CVE-2024-11649
HIGH
1000 Projects Beauty Parlour Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2024-11648
HIGH
1000 Projects Beauty Parlour Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2024-11647
HIGH
1000 Projects Beauty Parlour Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2024-11646
HIGH
1000 Projects Beauty Parlour Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2024-11632
HIGH
Simple Car Rental System 1.0 - SQL Injection
CVSS 7.3
CVE-2024-11631
MEDIUM
itsourcecode Tailoring Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-8355
MEDIUM
Visteon Infotainment System - SQL Injection
CVSS 6.8
CVE-2024-53438
CRITICAL
ChurchCRM 5.7.0 - SQL Injection via Event Parameter
CVSS 9.8
CVE-2024-7882
MEDIUM
Special Minds Design and Software e-Commerce <22.11.2024 - SQL Inje...
CVSS 6.5