CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,718 vulnerabilities with CWE-89
CVE-2024-5113
MEDIUM
Campcodes Complete Web-Based School Management System 1.0 - SQL Inj...
CVSS 6.3
CVE-2024-5112
MEDIUM
Campcodes Complete Web-Based School Management System 1.0 - SQL Inj...
CVSS 6.3
CVE-2024-5111
MEDIUM
Campcodes Complete Web-Based School Management System 1.0 - SQL Inj...
CVSS 6.3
CVE-2024-5110
MEDIUM
Campcodes Complete Web-Based School Management System 1.0 - SQL Inj...
CVSS 6.3
CVE-2024-5109
MEDIUM
Campcodes Complete Web-Based School Management System 1.0 - SQL Inj...
CVSS 6.3
CVE-2024-5108
MEDIUM
Campcodes Complete Web-Based School Management System 1.0 - SQL Inj...
CVSS 6.3
CVE-2024-5107
MEDIUM
Campcodes Complete Web-Based School Management System 1.0 - SQL Inj...
CVSS 6.3
CVE-2024-5106
MEDIUM
Campcodes Complete Web-Based School Management System 1.0 - SQL Inj...
CVSS 6.3
CVE-2024-5105
MEDIUM
Campcodes Complete Web-Based School Management System 1.0 - SQL Inj...
CVSS 6.3
CVE-2024-5104
MEDIUM
Campcodes Complete Web-Based School Management System 1.0 - SQL Inj...
CVSS 6.3
CVE-2024-5103
MEDIUM
Campcodes Complete Web-Based School Management System 1.0 - SQL Inj...
CVSS 6.3
CVE-2024-5101
MEDIUM
SourceCodester Simple Inventory System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-5100
MEDIUM
SourceCodester Simple Inventory System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-5099
MEDIUM
Simple Inventory System 1.0 - SQL Injection via updateprice.php ITEM Parameter
CVSS 6.3
CVE-2024-5098
MEDIUM
Simple Inventory System 1.0 - SQL Injection via login.php Username Parameter
CVSS 5.5
CVE-2024-5094
HIGH
Best House Rental Management System 1.0 - SQL Injection via view_payment.php id Parameter
CVSS 7.3
CVE-2024-5093
HIGH
Best House Rental Management System 1.0 - SQL Injection via login.php Username/Password Parameters
CVSS 7.3
CVE-2024-5069
MEDIUM
Simple Online Men's Salon Management System 1.0 - SQL Injection via view_service.php id Parameter
CVSS 6.3
CVE-2024-5066
MEDIUM
PHPGurukul Online Course Registration System 3.1 - SQL Injection via Pincode Parameter
CVSS 6.3
CVE-2024-5065
HIGH
PHPGurukul Online Course Registration System 3.1 - SQL Injection via Regno Parameter
CVSS 7.3
CVE-2024-5064
HIGH
PHPGurukul Online Course Registration System 3.1 - SQL Injection via News Details nid Parameter
CVSS 7.3
CVE-2024-5063
HIGH
PHPGurukul Online Course Registration System 3.1 - SQL Injection via Admin Login
CVSS 7.3
CVE-2024-5051
MEDIUM
Gas Agency Management System 1.0 - SQL Injection via edituser.php id Parameter
CVSS 6.3
CVE-2024-5048
MEDIUM
code-projects Budget Management 1.0 - SQL Injection via edit Parameter
CVSS 6.3
CVE-2024-5046
HIGH
Online Examination System 1.0 - SQL Injection via registeracc.php Email Parameter
CVSS 7.3
Details
Vulnerabilities
19,718
Exploit Likelihood
High