CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,779 vulnerabilities with CWE-89
CVE-2022-28132
HIGH
T-Soft E-Commerce 4 - SQL Injection
CVSS 7.2
CVE-2022-47151
HIGH
JS Help Desk <2.7.1 - SQL Injection
CVSS 8.6
CVE-2022-43216
CRITICAL
AbrhilSoft Employee's Portal <5.6.2 - SQL Injection
CVSS 9.1
CVE-2022-4963
MEDIUM
Folio Spring Module Core < 2.0.0 - SQL Injection in Schema Name Handler
CVSS 5.5
CVE-2022-46499
HIGH
Hospital Management System 1.0 - SQL Injection
CVSS 8.8
CVE-2022-46498
LOW
Hospital Management System 1.0 - SQL Injection
CVSS 2.7
CVE-2022-46497
HIGH
Hospital Management System 1.0 - SQL Injection
CVSS 8.1
CVE-2022-43842
HIGH
IBM Aspera Console <3.4.2 - SQL Injection
CVSS 8.6
CVE-2022-47072
CRITICAL
Enterprise Architect <16.0.1605 - SQL Injection
CVSS 9.8
CVE-2022-3764
HIGH
Form Vibes < 1.4.6 - SQL Injection via Delete Entries Parameter
CVSS 7.2
CVE-2022-4961
MEDIUM
Weitong Mall 1.0.0 - SQL Injection via OrderDao.xml sidx/order Parameter
CVSS 5.5
CVE-2022-39822
HIGH
Nokia Network Functions Manager for Transport R19.9 - Authenticated SQL Injection via id or host Parameter
CVSS 8.8
CVE-2022-47532
CRITICAL
FileRun 20220519 - SQL Injection via dir Parameter
CVSS 9.8
CVE-2022-45135
CRITICAL
Apache Cocoon 2.2.0-2.2.9 - SQL Injection
CVSS 9.8
CVE-2022-47432
MEDIUM
Shortcode IMDB < 6.0.8 - SQL Injection
CVSS 6.7
CVE-2022-47430
MEDIUM
The School Management - Education & Learning Management <= 4.1 - SQL Injection
CVSS 6.7
CVE-2022-47428
MEDIUM
WpDevArt Booking calendar, Appointment Booking System <= 3.2.7 - SQL Injection
CVSS 6.7
CVE-2022-47420
MEDIUM
Accessibility Suite by Online ADA < 4.12 - SQL Injection
CVSS 6.4
CVE-2022-46860
HIGH
KaizenCoders Short URL <1.6.4 - SQL Injection
CVSS 8.5
CVE-2022-46849
HIGH
Weblizar Coming Soon Page - SQL Injection
CVSS 7.6
CVE-2022-45373
HIGH
Slimstat Analytics <= 5.0.4 - SQL Injection
CVSS 8.8
CVE-2022-46818
HIGH
Gopi Ramasamy Email <6.2 - SQL Injection
CVSS 8.2
CVE-2022-47445
HIGH
Be POPIA Compliant < 1.2.0 - SQL Injection
CVSS 8.2
CVE-2022-47426
MEDIUM
Neshan Maps < 1.1.4 - SQL Injection
CVSS 6.0
CVE-2022-46859
HIGH
Spiffy Calendar <4.9.1 - SQL Injection
CVSS 8.5
Details
Vulnerabilities
19,779
Exploit Likelihood
High