CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,730 vulnerabilities with CWE-89
CVE-2023-49689
CRITICAL
kashipara job_portal v1.0 - Unauthenticated SQL Injection via JobId Parameter
CVSS 9.8
CVE-2023-49688
CRITICAL
kashipara job_portal v1.0 - Unauthenticated SQL Injection via txtUser Parameter
CVSS 9.8
CVE-2023-49681
CRITICAL
Job Portal v1.0 - Unauthenticated SQL Injection via cmbQual Parameter
CVSS 9.8
CVE-2023-49677
CRITICAL
Job Portal v1.0 - Unauthenticated SQL Injection via cmbQual Parameter
CVSS 9.8
CVE-2023-48722
CRITICAL
Student Result Management System v1.0 - SQL Injection
CVSS 9.8
CVE-2023-48720
CRITICAL
Student Result Management System v1.0 - Unauthenticated SQL Injection
CVSS 9.8
CVE-2023-48718
CRITICAL
Student Result Management System v1.0 - SQL Injection
CVSS 9.8
CVE-2023-48716
CRITICAL
Student Result Management System v1.0 - SQL Injection
CVSS 9.8
CVE-2023-48689
CRITICAL
Railway Reservation System v1.0 - SQL Injection
CVSS 9.8
CVE-2023-48687
CRITICAL
Railway Reservation System v1.0 - SQL Injection
CVSS 9.8
CVE-2023-48685
CRITICAL
Railway Reservation System v1.0 - SQL Injection
CVSS 9.8
CVE-2023-44482
HIGH
Leave Management System Project 1.0 - Authenticated SQL Injection via setsickleave Parameter
CVSS 8.8
CVE-2023-44481
HIGH
Leave Management System Project 1.0 - Authenticated SQL Injection via setearnleave Parameter
CVSS 8.8
CVE-2023-45121
HIGH
Online Examination System 1.0 - Authenticated SQL Injection via desc Parameter
CVSS 8.8
CVE-2023-45120
HIGH
Online Examination System 1.0 - Authenticated SQL Injection via qid Parameter
CVSS 8.8
CVE-2023-51052
CRITICAL
S-CMS 5.0 - SQL Injection via A_formauth Parameter
CVSS 9.8
CVE-2023-51051
CRITICAL
S-CMS 5.0 - SQL Injection via A_textauth Parameter
CVSS 9.8
CVE-2023-51050
CRITICAL
S-CMS 5.0 - SQL Injection via A_productauth Parameter
CVSS 9.8
CVE-2023-51049
CRITICAL
S-CMS 5.0 - SQL Injection via A_bbsauth Parameter
CVSS 9.8
CVE-2023-51048
CRITICAL
S-CMS 5.0 - SQL Injection via A_newsauth Parameter
CVSS 9.8
CVE-2023-45119
HIGH
Online Examination System 1.0 - Authenticated SQL Injection via Quiz Update Parameter
CVSS 8.8
CVE-2023-45118
HIGH
Online Examination System 1.0 - Authenticated SQL Injection via fdid Parameter
CVSS 8.8
CVE-2023-45117
HIGH
Online Examination System 1.0 - Authenticated SQL Injection via eid Parameter
CVSS 8.8
CVE-2023-45116
HIGH
Online Examination System 1.0 - Authenticated SQL Injection via demail Parameter
CVSS 8.8
CVE-2023-45115
HIGH
Online Examination System 1.0 - Authenticated SQL Injection via ch Parameter
CVSS 8.8
Details
Vulnerabilities
19,730
Exploit Likelihood
High