CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,782 vulnerabilities with CWE-89
CVE-2022-43362
HIGH
Senayan Library Management System <9.4.2 - SQL Injection
CVSS 7.2
CVE-2022-43331
HIGH
Canteen Management System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-43330
HIGH
Canteen Management System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-43329
HIGH
Canteen Management System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-43328
HIGH
Canteen Management System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-40839
HIGH
NdkAdvancedCustomizationFields <3.5.0 - SQL Injection
CVSS 7.5
CVE-2022-3802
MEDIUM
IBAX go-ibax < 1.4.2 - SQL Injection via /api/v2/open/rowsInfo Where Parameter
CVSS 6.3
CVE-2022-3801
MEDIUM
IBAX go-ibax < 1.4.2 - SQL Injection via /api/v2/open/rowsInfo Order Parameter
CVSS 6.3
CVE-2022-3800
MEDIUM
IBAX go-ibax < 1.4.2 - SQL Injection via /api/v2/open/rowsInfo table_name Parameter
CVSS 6.3
CVE-2022-3799
MEDIUM
IBAX go-ibax < 1.4.2 - SQL Injection via /api/v2/open/tablesInfo
CVSS 6.3
CVE-2022-3798
MEDIUM
IBAX go-ibax < 1.4.2 - SQL Injection via /api/v2/open/tablesInfo
CVSS 6.3
CVE-2022-43127
HIGH
Online Diagnostic Lab Management System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-43126
HIGH
Online Diagnostic Lab Management System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-43125
HIGH
Online Diagnostic Lab Management System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-43124
HIGH
Online Diagnostic Lab Management System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-43086
MEDIUM
codeastro restaurant_pos_system 1.0 - SQL Injection via update_customer.php
CVSS 4.9
CVE-2022-43081
HIGH
Fast Food Ordering System 1.0 - SQL Injection via Purchase Endpoint
CVSS 7.5
CVE-2022-3789
MEDIUM
Tim Campus Confession Wall - SQL Injection via share.php post_id Parameter
CVSS 5.5
CVE-2022-43355
HIGH
Sanitization Management System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-43354
HIGH
Sanitization Management System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-43353
HIGH
Sanitization Management System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-3059
HIGH
Application <version> - SQL Injection
CVSS 8.6
CVE-2022-42924
HIGH
Formalms < 3.2.1 - SQL Injection
CVSS 7.6
CVE-2022-42923
HIGH
Formalms < 3.2.1 - SQL Injection
CVSS 8.3
CVE-2022-41680
HIGH
Forma LMS <3.1.0 - SQL Injection
CVSS 7.6
Details
Vulnerabilities
19,782
Exploit Likelihood
High