CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,781 vulnerabilities with CWE-89
CVE-2022-47740
CRITICAL
Seltmann GmbH Content Management System 6 - SQL Injection via index.php
CVSS 9.8
CVE-2022-47105
CRITICAL
Jeecg-boot - SQL Injection via /sys/dict/queryTableData
CVSS 9.8
CVE-2022-43462
CRITICAL
Adeel Ahmed's IP Blacklist Cloud <5.00 - SQL Injection
CVSS 9.1
CVE-2022-4547
HIGH
Conditional Payment Methods for WooCommerce < 1.0.0 - Authenticated SQL Injection
CVSS 7.2
CVE-2022-41703
MEDIUM
Apache Superset <2.0.0 - SQL Injection
CVSS 5.4
CVE-2022-4889
MEDIUM
visegripped Stracker - SQL Injection
CVSS 5.5
CVE-2022-46093
HIGH
Hospital Management System v1.0 - SQL Injection
CVSS 8.2
CVE-2022-46956
HIGH
Dynamic Transaction Queuing System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-46955
CRITICAL
Dynamic Transaction Queuing System v1.0 - SQL Injection
CVSS 9.8
CVE-2022-46954
CRITICAL
Dynamic Transaction Queuing System v1.0 - SQL Injection
CVSS 9.8
CVE-2022-46953
HIGH
Dynamic Transaction Queuing System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-46952
HIGH
Dynamic Transaction Queuing System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-46951
HIGH
Dynamic Transaction Queuing System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-46950
HIGH
Dynamic Transaction Queuing System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-46949
HIGH
Helmet Store Showroom Site v1.0 - SQL Injection
CVSS 7.2
CVE-2022-46947
HIGH
Helmet Store Showroom Site v1.0 - SQL Injection
CVSS 7.2
CVE-2022-46946
HIGH
Helmet Store Showroom Site v1.0 - SQL Injection
CVSS 7.2
CVE-2022-48090
MEDIUM
hotel_management_system 2022.4 - SQL Injection via CustomerDAO.php
CVSS 6.5
CVE-2022-46502
CRITICAL
Online Student Enrollment System v1.0 - SQL Injection
CVSS 9.8
CVE-2022-46471
CRITICAL
Online Health Care System v1.0 - SQL Injection
CVSS 9.8
CVE-2022-46623
HIGH
Judging Management System v1.0.0 - SQL Injection
CVSS 7.8
CVE-2022-46472
HIGH
Helmet Store Showroom Site v1.0 - SQL Injection
CVSS 7.2
CVE-2022-40615
MEDIUM
IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 - SQL Injection
CVSS 6.3
CVE-2022-47864
CRITICAL
Lead Management System v1.0 - SQL Injection via id Parameter in removeCategories.php
CVSS 9.8
CVE-2022-47862
CRITICAL
Lead Management System v1.0 - SQL Injection via customer_id Parameter
CVSS 9.8
Details
Vulnerabilities
19,781
Exploit Likelihood
High