CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,801 vulnerabilities with CWE-89
CVE-2022-36734
CRITICAL
Library Management System 1.0 - SQL Injection via RollNo Parameter
CVSS 9.8
CVE-2022-36733
CRITICAL
Library Management System 1.0 - SQL Injection via M_Id Parameter
CVSS 9.8
CVE-2022-36732
CRITICAL
Library Management System 1.0 - SQL Injection via id Parameter
CVSS 9.8
CVE-2022-36731
CRITICAL
Library Management System 1.0 - SQL Injection via RollNo Parameter
CVSS 9.8
CVE-2022-36730
CRITICAL
Library Management System v1.0 - SQL Injection via bookId Parameter
CVSS 9.8
CVE-2022-38118
HIGH
OAKlouds Portal 2.0-<2.0-163 - Authenticated SQL Injection via Meeting Room Input
CVSS 8.8
CVE-2022-36714
CRITICAL
Library Management System 1.0 - SQL Injection via Section Parameter
CVSS 9.8
CVE-2022-36713
CRITICAL
Library Management System 1.0 - SQL Injection via Section Parameter
CVSS 9.8
CVE-2022-36712
CRITICAL
Library Management System 1.0 - SQL Injection via id Parameter
CVSS 9.8
CVE-2022-36711
CRITICAL
Library Management System 1.0 - SQL Injection via id Parameter
CVSS 9.8
CVE-2022-36709
CRITICAL
Library Management System 1.0 - SQL Injection via id Parameter
CVSS 9.8
CVE-2022-2559
HIGH
Fluent Support WP <1.5.8 - SQL Injection
CVSS 7.2
CVE-2022-1123
HIGH
Leaflet Maps Marker < 3.12.5 - Authenticated SQL Injection
CVSS 7.2
CVE-2022-36690
HIGH
Ingredients Stock Management System 1.0 - SQL Injection via id Parameter
CVSS 8.8
CVE-2022-36689
HIGH
Ingredients Stock Management System 1.0 - SQL Injection via Month Parameter
CVSS 8.8
CVE-2022-36688
HIGH
Ingredients Stock Management System 1.0 - SQL Injection via Month Parameter
CVSS 8.8
CVE-2022-36686
HIGH
Ingredients Stock Management System 1.0 - SQL Injection via Month Parameter
CVSS 8.8
CVE-2022-22897
CRITICAL
ApolloTheme AP PageBuilder <= 2.4.4 - Unauthenticated SQL Injection via product_all_one_img and image_product Parameters
CVSS 9.8
CVE-2022-36708
CRITICAL
Library Management System 1.0 - SQL Injection via Id Parameter
CVSS 9.8
CVE-2022-36706
CRITICAL
Ingredients Stock Management System 1.0 - SQL Injection via Id Parameter
CVSS 9.8
CVE-2022-36705
CRITICAL
Ingredients Stock Management System 1.0 - SQL Injection via Id Parameter
CVSS 9.8
CVE-2022-36704
HIGH
Library Management System 1.0 - SQL Injection via Id Parameter
CVSS 8.8
CVE-2022-3013
MEDIUM
SourceCodester Simple Task Managing System - SQL Injection
CVSS 6.3
CVE-2022-3012
MEDIUM
oretnom23 Fast Food Ordering System - SQL Injection
CVSS 6.3
CVE-2022-36545
CRITICAL
Edoc-doctor-appointment-system v1.0.1 - SQL Injection
CVSS 9.8
Details
Vulnerabilities
19,801
Exploit Likelihood
High