CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,718 vulnerabilities with CWE-89
CVE-2024-4609
CRITICAL
Rockwell Automation FactoryTalk View < 11.0 - SQL Injection via Datalog Function
CVSS 9.8
CVE-2024-4992
CRITICAL
SiAdmin 1.1 - SQL Injection via nim Parameter in aksi_kuliah.php
CVSS 9.8
CVE-2024-4991
CRITICAL
SiAdmin 1.1 - SQL Injection via nama_lengkap Parameter
CVSS 9.8
CVE-2024-4826
CRITICAL
Simple PHP Shopping Cart <0.9 - SQL Injection
CVSS 9.8
CVE-2024-4973
MEDIUM
Simple Chat System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-4351
HIGH
Tutor LMS Pro <= 2.7.0 - Authenticated Missing Authorization in Authenticate Function
CVSS 8.8
CVE-2024-4972
MEDIUM
Simple Chat System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-4967
MEDIUM
SourceCodester Interactive Map 1.0 - SQL Injection
CVSS 6.3
CVE-2024-4318
HIGH
Tutor LMS < 2.7.0 - Authenticated Time-Based SQL Injection via Question ID Parameter
CVSS 8.8
CVE-2024-4945
MEDIUM
SourceCodester Best Courier Management System 1.0 - Unrestricted Up...
CVSS 4.3
CVE-2024-4933
MEDIUM
SourceCodester Simple Online Bidding System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-4932
MEDIUM
SourceCodester Simple Online Bidding System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-4931
MEDIUM
SourceCodester Simple Online Bidding System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-4930
MEDIUM
SourceCodester Simple Online Bidding System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-4928
MEDIUM
SourceCodester Simple Online Bidding System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-4926
MEDIUM
SourceCodester School Intramurals Student Attendance Management Sys...
CVSS 6.3
CVE-2024-4925
MEDIUM
SourceCodester School Intramurals Student Attendance Management Sys...
CVSS 6.3
CVE-2024-4919
MEDIUM
Campcodes Online Examination System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-4918
MEDIUM
Campcodes Online Examination System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-4917
MEDIUM
Campcodes Online Examination System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-4916
MEDIUM
Campcodes Online Examination System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-4915
MEDIUM
Campcodes Online Examination System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-4914
MEDIUM
Campcodes Online Examination System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-4913
MEDIUM
Campcodes Online Examination System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-4912
MEDIUM
Campcodes Online Examination System 1.0 - SQL Injection
CVSS 6.3
Details
Vulnerabilities
19,718
Exploit Likelihood
High