CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,806 vulnerabilities with CWE-89
CVE-2022-31101
HIGH
PrestaShop blockwishlist < 2.1.1 - Authenticated SQL Injection
CVSS 8.1
CVE-2022-31092
HIGH
pimcore < 10.4.4 - SQL Injection via Listing Class Order/Group Methods
CVSS 7.5
CVE-2022-31082
MEDIUM
glpi-inventory-plugin < 1.0.2 - SQL Injection via Package Deployment Tasks
CVSS 5.8
CVE-2022-2214
MEDIUM
SourceCodester Library Management System 1.0 - SQL Injection via id Parameter in bookdetails.php
CVSS 6.3
CVE-2022-33128
CRITICAL
RG-EG series gateway EG350 EG_RGOS 11.1(6) - SQL Injection
CVSS 9.1
CVE-2022-22389
MEDIUM
IBM Db2 9.7, 10.1, 10.5, 11.1, 11.5 - Authenticated Denial of Service via Crafted SQL Statements
CVSS 6.5
CVE-2022-32405
HIGH
Prison Management System 1.0 - SQL Injection via id Parameter
CVSS 8.8
CVE-2022-32404
HIGH
Prison Management System 1.0 - SQL Injection via id Parameter
CVSS 8.8
CVE-2022-32403
HIGH
Prison Management System 1.0 - SQL Injection via 'id' Parameter
CVSS 8.8
CVE-2022-32402
HIGH
Prison Management System 1.0 - SQL Injection via id Parameter
CVSS 8.8
CVE-2022-32401
HIGH
Prison Management System v1.0 - SQL Injection via 'id' Parameter
CVSS 8.8
CVE-2022-32400
HIGH
Prison Management System 1.0 - SQL Injection via id Parameter
CVSS 7.2
CVE-2022-32399
HIGH
Prison Management System 1.0 - SQL Injection via id Parameter
CVSS 8.8
CVE-2022-32398
HIGH
Prison Management System v1.0 - SQL Injection via 'id' Parameter
CVSS 8.8
CVE-2022-32397
HIGH
Prison Management System 1.0 - SQL Injection via 'id' Parameter
CVSS 8.8
CVE-2022-32396
HIGH
Prison Management System 1.0 - SQL Injection via id Parameter
CVSS 8.8
CVE-2022-32395
HIGH
Prison Management System 1.0 - SQL Injection via id Parameter
CVSS 8.8
CVE-2022-32394
HIGH
Prison Management System 1.0 - SQL Injection via id Parameter
CVSS 8.8
CVE-2022-32393
HIGH
Prison Management System 1.0 - SQL Injection via id Parameter
CVSS 8.8
CVE-2022-32392
HIGH
Prison Management System 1.0 - SQL Injection via id Parameter
CVSS 8.8
CVE-2022-32391
HIGH
Prison Management System 1.0 - SQL Injection via id Parameter
CVSS 8.8
CVE-2022-33114
HIGH
jfinal_cms 5.1.0 - SQL Injection via attrVal Parameter
CVSS 7.2
CVE-2022-33097
HIGH
74cmsse 3.5.1 - SQL Injection via Keyword Parameter
CVSS 7.5
CVE-2022-33096
HIGH
74cmsse 3.5.1 - SQL Injection via Keyword Parameter
CVSS 7.5
CVE-2022-33095
HIGH
74cmsSE 3.5.1 - SQL Injection via Resume List Keyword Parameter
CVSS 7.5
Details
Vulnerabilities
19,806
Exploit Likelihood
High