CWE-89

High likelihood

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Parent: CWE-943 - Improper Neutralization of Special Elements in Data Query Logic

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

19,731 vulnerabilities with CWE-89
CVE-2023-6575 MEDIUM
Byzoro S210 <20231121 - SQL Injection
CVSS 6.3
CVE-2023-49429 CRITICAL
Tenda AX9 V22.03.01.46 - SQL Injection
CVSS 9.8
CVE-2023-48823 CRITICAL
GaatiTrack Courier Management System 1.0 - SQL Injection
CVSS 9.8
CVE-2023-5761 CRITICAL
Burst Statistics WordPress 1.4.0-1.4.6.1/1.5.0 Unauthenticated SQL Injection
CVSS 9.8
CVE-2023-46353 CRITICAL
Product Tag Icons Pro <1.8.4 - SQL Injection
CVSS 9.8
CVE-2023-6063 HIGH
WordPress WP Fastest Cache Unauthenticated SQLi (CVE-2023-6063)
CVSS 7.5
CVE-2023-5108 HIGH
Easy Newsletter Signups <1.0.4 - SQL Injection
CVSS 7.2
CVE-2023-48863 HIGH
SEMCMS 3.9 - SQL Injection
CVSS 7.5
CVE-2023-6464 MEDIUM
SourceCodester User Registration and Login System 1.0 - SQL Injection
CVSS 6.3
CVE-2023-48893 HIGH
SENAYAN Library Management System <9.6.1 - SQL Injection
CVSS 8.8
CVE-2023-48813 HIGH
Senayan Library Management System Bulian 9.6.1 - SQL Injection via Fines Report Module
CVSS 8.8
CVE-2023-49371 CRITICAL
ruoyi < 4.6.0 - SQL Injection via /system/dept/edit
CVSS 9.8
CVE-2023-5634 CRITICAL
ArslanSoft Education Portal < v1.1 - SQL Injection
CVSS 9.8
CVE-2023-48016 HIGH
Restaurant Table Booking System V1.0 - SQL Injection via Username Parameter
CVSS 7.5
CVE-2023-46956 HIGH
Packers and Movers Management System <1.0 - RCE
CVSS 7.2
CVE-2023-6360 HIGH
WordPress My Calendar <3.4.22 - SQL Injection
CVSS 8.6
CVE-2023-6402 MEDIUM
PHPGurukul Nipah Virus Testing Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2023-6418 CRITICAL
Voovi Social Networking Script <1.0 - SQL Injection
CVSS 9.8
CVE-2023-6417 CRITICAL
Voovi Social Networking Script <1.0 - SQL Injection
CVSS 9.8
CVE-2023-6416 CRITICAL
Voovi Social Networking Script <1.0 - SQL Injection
CVSS 9.8
CVE-2023-6415 CRITICAL
Voovi Social Networking Script <1.0 - SQL Injection
CVSS 9.8
CVE-2023-6414 CRITICAL
Voovi Social Networking Script <1.0 - SQL Injection
CVSS 9.8
CVE-2023-6413 CRITICAL
Voovi Social Networking Script <1.0 - SQL Injection
CVSS 9.8
CVE-2023-6412 CRITICAL
Voovi Social Networking Script <1.0 - SQL Injection
CVSS 9.8
CVE-2023-6411 CRITICAL
Voovi Social Networking Script <1.0 - SQL Injection
CVSS 9.8
Details
Vulnerabilities 19,731
Exploit Likelihood High