CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,781 vulnerabilities with CWE-89
CVE-2022-4566
MEDIUM
y_project RuoYi <4.7.5 - SQL Injection
CVSS 5.5
CVE-2022-42535
MEDIUM
Android - SQL Injection in MmsSmsProvider.java
CVSS 5.5
CVE-2022-20518
MEDIUM
Android 13 - SQL Injection in MmsSmsProvider.java
CVSS 5.5
CVE-2022-20517
MEDIUM
Android - SQL Injection in MmsSmsProvider.java
CVSS 5.5
CVE-2022-44588
CRITICAL
Cryptocurrency Widgets Pack < 1.8.1 - Unauthenticated SQL Injection
CVSS 9.9
CVE-2022-38488
CRITICAL
logrocket-oauth2-example <2020-05-27 - SQL Injection
CVSS 9.8
CVE-2022-46443
HIGH
mesinkasir Bangresto 1.0 - SQL Injection
CVSS 8.8
CVE-2022-46072
CRITICAL
Helmet Store Showroom v1.0 - SQL Injection
CVSS 9.8
CVE-2022-46071
CRITICAL
Helmet Store Showroom v1.0 - SQL Injection
CVSS 9.8
CVE-2022-46127
HIGH
Helmet Store Showroom Site v1.0 - SQL Injection
CVSS 7.2
CVE-2022-46126
HIGH
Helmet Store Showroom Site v1.0 - SQL Injection
CVSS 7.2
CVE-2022-46125
HIGH
Helmet Store Showroom Site v1.0 - SQL Injection
CVSS 7.2
CVE-2022-46124
HIGH
Helmet Store Showroom Site v1.0 - SQL Injection
CVSS 7.2
CVE-2022-46123
HIGH
Helmet Store Showroom Site v1.0 - SQL Injection
CVSS 7.2
CVE-2022-46122
HIGH
Helmet Store Showroom Site v1.0 - SQL Injection
CVSS 7.2
CVE-2022-46121
HIGH
Helmet Store Showroom Site v1.0 - SQL Injection
CVSS 7.2
CVE-2022-46120
HIGH
Helmet Store Showroom Site v1.0 - SQL Injection
CVSS 7.2
CVE-2022-46119
HIGH
Helmet Store Showroom Site v1.0 - SQL Injection
CVSS 7.2
CVE-2022-46118
HIGH
Helmet Store Showroom Site v1.0 - SQL Injection
CVSS 7.2
CVE-2022-46117
HIGH
Helmet Store Showroom Site v1.0 - SQL Injection
CVSS 7.2
CVE-2022-4454
MEDIUM
m0ver bible-online < 2022-10-02 - SQL Injection in Search Handler
CVSS 5.5
CVE-2022-46051
HIGH
AeroCMS - SQL Injection via Approve Parameter
CVSS 7.2
CVE-2022-46047
MEDIUM
AeroCMS v0.0.1 - SQL Injection via Delete Parameter
CVSS 4.9
CVE-2022-41272
CRITICAL
SAP NetWeaver PI <7.50 - Info Disclosure
CVSS 9.9
CVE-2022-41271
CRITICAL
SAP NetWeaver PI 7.50 - Info Disclosure
CVSS 9.4
Details
Vulnerabilities
19,781
Exploit Likelihood
High