CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,669 vulnerabilities with CWE-89
CVE-2024-49609
HIGH
Brandon White Author Discussion <0.2.2 - SQL Injection
CVSS 8.5
CVE-2024-47325
HIGH
Themeisle MPG <3.4.7 - SQL Injection
CVSS 8.5
CVE-2024-49623
HIGH
Hasan Movahed Duplicate Title Validate <1.0 - SQL Injection
CVSS 8.5
CVE-2024-10195
MEDIUM
Tecno 4G Portable WiFi TR118 V008-20220830 - SQL Injection
CVSS 4.7
CVE-2024-10171
MEDIUM
Blood Bank System <1.0 - SQL Injection
CVSS 4.7
CVE-2024-10170
MEDIUM
Hospital Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-10169
MEDIUM
Hospital Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-10167
HIGH
Codezips Sales Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2024-10166
HIGH
Codezips Sales Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2024-10165
HIGH
Codezips Sales Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2024-10163
MEDIUM
SourceCodester Sentiment Based Movie Rating System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-10162
MEDIUM
PHPGurukul Boat Booking System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-10160
MEDIUM
PHPGurukul Boat Booking System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-10159
HIGH
PHPGurukul Boat Booking System 1.0 - SQL Injection
CVSS 7.3
CVE-2024-10157
HIGH
PHPGurukul Boat Booking System 1.0 - SQL Injection
CVSS 7.3
CVE-2024-10156
HIGH
PHPGurukul Boat Booking System 1.0 - SQL Injection
CVSS 7.3
CVE-2024-10154
MEDIUM
PHPGurukul Boat Booking System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-10153
MEDIUM
PHPGurukul Boat Booking System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-10140
MEDIUM
Pharmacy Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-10139
MEDIUM
Pharmacy Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-10138
MEDIUM
Pharmacy Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-10137
MEDIUM
Pharmacy Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-10136
MEDIUM
Pharmacy Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-10135
MEDIUM
ESAFENET CDG 5 - SQL Injection via NetSecConfigService actionDelNetSecConfig id Parameter
CVSS 6.3
CVE-2024-10134
MEDIUM
ESAFENET CDG 5 - SQL Injection via MultiServerAjax.java connectLogout servername Parameter
CVSS 6.3
Details
Vulnerabilities
19,669
Exploit Likelihood
High