CWE-89
High likelihood
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,680 vulnerabilities with CWE-89
CVE-2024-8945
MEDIUM
RISE Ultimate Project Manager 3.7.0 - SQL Injection via Dashboard Save ID Parameter
CVSS 5.5
CVE-2024-8944
HIGH
Hospital Management System 1.0 - SQL Injection via check_availability.php Email Parameter
CVSS 7.3
CVE-2024-6401
CRITICAL
SFS Consulting InsureE GL <4.6.2 - SQL Injection
CVSS 9.8
CVE-2024-8868
HIGH
code-projects Crud Operation System 1.0 - SQL Injection via savedata.php sname Argument
CVSS 7.3
CVE-2024-8669
CRITICAL
Backuply WordPress <1.3.4 - SQL Injection
CVSS 9.1
CVE-2024-44430
CRITICAL
Best Free Law Office Management Software 1.0 - SQL Injection via kortex_lite/control/register_case.php
CVSS 9.8
CVE-2024-8784
MEDIUM
QDocs Smart School Management System 7.0.0 - SQL Injection
CVSS 6.3
CVE-2024-6723
MEDIUM
AI Engine WordPress <2.4.8 - SQL Injection
CVSS 4.7
CVE-2024-8762
MEDIUM
Code-projects Crud Operation System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-34334
HIGH
ORDAT FOSS-Online <v2.24.01 - SQL Injection
CVSS 7.5
CVE-2024-8749
HIGH
i-doit pro 28 - SQL Injection via ID Parameter in cmdb_objects_by_relation.class.php
CVSS 8.8
CVE-2024-8529
CRITICAL
WordPress LearnPress Unauthenticated SQLi (CVE-2024-8522, CVE-2024-8529)
CVSS 10.0
CVE-2024-8522
CRITICAL
LearnPress - WordPress LMS Plugin <4.2.7 - SQL Injection
CVSS 10.0
CVE-2024-7766
HIGH
Adicon Server < 1.2 - Authenticated SQL Injection
CVSS 7.2
CVE-2024-8710
MEDIUM
code-projects Inventory Management 1.0 - SQL Injection
CVSS 6.3
CVE-2024-8709
MEDIUM
SourceCodester Best House Rental Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-34785
HIGH
Ivanti Endpoint Manager < 2022 SU6 and 2024 < September Update - Authenticated SQL Injection
CVSS 7.2
CVE-2024-34783
HIGH
Ivanti Endpoint Manager < 2022 SU6 - Authenticated SQL Injection
CVSS 7.2
CVE-2024-34779
HIGH
Ivanti Endpoint Manager < 2022 SU6 - Authenticated SQL Injection
CVSS 7.2
CVE-2024-32848
HIGH
Ivanti Endpoint Manager < 2022 SU6 and 2024 < September Update - Authenticated SQL Injection
CVSS 7.2
CVE-2024-32846
HIGH
Ivanti Endpoint Manager < 2022 SU6 - Authenticated SQL Injection
CVSS 7.2
CVE-2024-32845
HIGH
Ivanti Endpoint Manager < 2022 SU6 and 2024 < September Update - Authenticated SQL Injection
CVSS 7.2
CVE-2024-32843
HIGH
Ivanti Endpoint Manager < 2022 SU6 and 2024 < September Update - Authenticated SQL Injection
CVSS 7.2
CVE-2024-32842
HIGH
Ivanti Endpoint Manager < 2022 SU6 and 2024 < September Update - Authenticated SQL Injection
CVSS 7.2
CVE-2024-32840
HIGH
Ivanti Endpoint Manager < 2022 SU6 and 2024 < September Update - Authenticated SQL Injection
CVSS 7.2
Details
Vulnerabilities
19,680
Exploit Likelihood
High