CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,493 vulnerabilities with CWE-89
CVE-2026-36236
CRITICAL
SourceCodester Engineers Online Portal 1.0 - SQL Injection
CVSS 9.8
CVE-2026-36235
CRITICAL
Online Student Enrollment System 1.0 - SQL Injection
CVSS 9.8
CVE-2026-36234
CRITICAL
Online Student Enrollment System 1.0 - SQL Injection
CVSS 9.8
CVE-2026-36233
CRITICAL
Online Student Enrollment System 1.0 - SQL Injection
CVSS 9.8
CVE-2026-36232
CRITICAL
Online Student Enrollment System 1.0 - SQL Injection
CVSS 9.8
CVE-2026-29861
CRITICAL
PHP-MYSQL-User-Login-System 1.0 - SQL Injection
CVSS 9.8
CVE-2026-23780
HIGH
BMC Control-M/MFT 9.0.20-9.0.22 - SQL Injection
CVSS 8.8
CVE-2026-6038
HIGH
code-projects Vehicle Showroom Management System RegisterCustomerFunction.php sql injection
CVSS 7.3
CVE-2026-6037
HIGH
code-projects Vehicle Showroom Management System AddVehicleFunction.php sql injection
CVSS 7.3
CVE-2026-6036
HIGH
code-projects Vehicle Showroom Management System VehicleDetailsFunction.php sql injection
CVSS 7.3
CVE-2026-6033
MEDIUM
CodeAstro Online Classroom updatedetailsfromstudent.php sql injection
CVSS 6.3
CVE-2026-6031
HIGH
code-projects Simple IT Discussion Forum add-category-function.php sql injection
CVSS 7.3
CVE-2026-6030
MEDIUM
itsourcecode Construction Management System del1.php sql injection
CVSS 6.3
CVE-2026-6010
MEDIUM
CodeAstro Online Classroom takeassessment2.php sql injection
CVSS 6.3
CVE-2026-6007
MEDIUM
itsourcecode Construction Management System del.php sql injection
CVSS 6.3
CVE-2026-6006
MEDIUM
code-projects Patient Record Management System edit_hpatient.php sql injection
CVSS 6.3
CVE-2026-6005
MEDIUM
code-projects Patient Record Management System hematology_print.php sql injection
CVSS 6.3
CVE-2026-6004
HIGH
code-projects Simple IT Discussion Forum delete-category.php sql injection
CVSS 7.3
CVE-2026-5985
HIGH
code-projects Simple IT Discussion Forum crud.php sql injection
CVSS 7.3
CVE-2026-5961
HIGH
code-projects Simple IT Discussion Forum topic-details.php sql injection
CVSS 7.3
CVE-2026-4112
HIGH
SonicWall SMA1000 < 12.4.3-03245 (platform-hotfix) and < 12.5.0-02283 (platform-hotfix) - Authenticated SQL Injection
CVSS 7.2
CVE-2026-34185
HIGH
SQL Injection in Hydrosystem Control System
CVSS 8.8
CVE-2026-5840
MEDIUM
PHPGurukul News Portal Project check_availability.php sql injection
CVSS 4.7
CVE-2026-5839
MEDIUM
PHPGurukul News Portal Project add-subcategory.php sql injection
CVSS 4.7
CVE-2026-5838
MEDIUM
PHPGurukul News Portal Project add-subadmins.php sql injection
CVSS 4.7
Details
Vulnerabilities
19,493
Exploit Likelihood
High