CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,710 vulnerabilities with CWE-89
CVE-2024-7150
HIGH
10web Slider < 1.2.57 - Authenticated Time-Based SQL Injection via ID Parameter
CVSS 8.8
CVE-2024-41237
CRITICAL
Kashipara Responsive School Management System 1.0 - SQL Injection via Teacher Login Username Parameter
CVSS 9.8
CVE-2024-34480
CRITICAL
SourceCodester Computer Lab Mgt Sys 1.0 - SQL Injection
CVSS 9.8
CVE-2024-34479
CRITICAL
SourceCodester Computer Lab Mgmt Sys 1.0 - SQL Injection
CVSS 9.8
CVE-2024-42005
HIGH
Django 4.2-4.2.14 and 5.0-5.0.7 - SQL Injection via JSONField QuerySet.values() Column Alias
CVSS 7.3
CVE-2024-33974
CRITICAL
janobe school_attendence_monitoring_system 1.0 - SQL Injection via /report/printlogs.php Users Parameter
CVSS 9.8
CVE-2024-33973
CRITICAL
PayPal, Credit Card & Debit Card Payment 1.0 - SQL Injection
CVSS 9.8
CVE-2024-33972
CRITICAL
janobe Credit Card, Debit Card Payment, PayPal 1.0 - SQL Injection via Event Print Parameter
CVSS 9.8
CVE-2024-33971
CRITICAL
janobe Credit Card, Debit Card Payment, and PayPal 1.0 - SQL Injection via Login Username Parameter
CVSS 9.8
CVE-2024-33970
CRITICAL
janobe Credit Card, Debit Card Payment, and PayPal 1.0 - SQL Injection via studid Parameter
CVSS 9.8
CVE-2024-33969
CRITICAL
PayPal, Credit Card & Debit Card Payment <1.0 - SQL Injection
CVSS 9.8
CVE-2024-33968
CRITICAL
PayPal, Credit Card & Debit Card Payment <1.0 - SQL Injection
CVSS 9.8
CVE-2024-33967
CRITICAL
PayPal, Credit Card & Debit Card Payment <1.0 - SQL Injection
CVSS 9.8
CVE-2024-33966
CRITICAL
PayPal, Credit Card & Debit Card Payment <1.0 - SQL Injection
CVSS 9.8
CVE-2024-33965
CRITICAL
PayPal, Credit Card & Debit Card Payment <1.0 - SQL Injection
CVSS 9.8
CVE-2024-33964
CRITICAL
PayPal, Credit Card & Debit Card Payment <1.0 - SQL Injection
CVSS 9.8
CVE-2024-33963
CRITICAL
janobe Credit Card, Debit Card Payment, and PayPal 1.0 - SQL Injection via id Parameter
CVSS 9.8
CVE-2024-33962
CRITICAL
PayPal, Credit Card & Debit Card Payment <1.0 - SQL Injection
CVSS 9.8
CVE-2024-33961
CRITICAL
PayPal, Credit Card & Debit Card Payment <1.0 - SQL Injection
CVSS 9.8
CVE-2024-33960
CRITICAL
PayPal, Credit Card & Debit Card Payment <1.0 - SQL Injection
CVSS 9.8
CVE-2024-33959
CRITICAL
PayPal, Credit Card & Debit Card Payment 1.0 - SQL Injection
CVSS 9.8
CVE-2024-33958
CRITICAL
E-Negosyo System <1.0 - SQL Injection
CVSS 9.8
CVE-2024-33957
CRITICAL
E-Negosyo System <1.0 - SQL Injection
CVSS 9.8
CVE-2024-7505
HIGH
Bike Delivery System 1.0 - SQL Injection via contact_us_action.php name Parameter
CVSS 7.3
CVE-2024-7009
MEDIUM
calibre <= 7.15.0 - Authenticated SQL Injection via Full-Text Search
CVSS 4.2
Details
Vulnerabilities
19,710
Exploit Likelihood
High