CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,807 vulnerabilities with CWE-89
CVE-2022-1684
LOW
Cube Slider < 1.2 - Authenticated SQL Injection via idslider Parameter
CVSS 2.7
CVE-2022-1683
HIGH
amtyThumb < 4.2.0 - Authenticated SQL Injection via Shortcode Parameter
CVSS 8.8
CVE-2022-0788
CRITICAL
WP Fundraising Donation <1.5.0 - SQL Injection
CVSS 9.8
CVE-2022-30927
CRITICAL
Simple Task Scheduling System 1.0 - SQL Injection
CVSS 9.8
CVE-2022-30469
HIGH
Afian Filerun 20220202 - SQL Injection via metadata[] POST Parameter
CVSS 8.8
CVE-2022-31768
CRITICAL
IBM InfoSphere Information Server 11.7 - SQL Injection
CVSS 9.8
CVE-2022-29704
CRITICAL
BrowsBox CMS 4.0 - SQL Injection
CVSS 9.8
CVE-2022-32028
HIGH
Car Rental Management System 1.0 - SQL Injection via manage_user.php id Parameter
CVSS 7.2
CVE-2022-32027
HIGH
Car Rental Management System 1.0 - SQL Injection via manage_car ID Parameter
CVSS 7.2
CVE-2022-32026
HIGH
Car Rental Management System 1.0 - SQL Injection via manage_booking.php id Parameter
CVSS 7.2
CVE-2022-32025
HIGH
Car Rental Management System 1.0 - SQL Injection via view_car.php id Parameter
CVSS 7.2
CVE-2022-32024
HIGH
Car Rental Management System 1.0 - SQL Injection via booking.php car_id Parameter
CVSS 7.2
CVE-2022-32022
HIGH
Car Rental Management System 1.0 - SQL Injection via Admin Login Endpoint
CVSS 7.2
CVE-2022-32021
HIGH
Car Rental Management System 1.0 - SQL Injection via manage_movement.php id Parameter
CVSS 7.2
CVE-2022-32018
HIGH
Complete Online Job Search System 1.0 - SQL Injection via Search Parameter
CVSS 7.2
CVE-2022-32017
HIGH
Complete Online Job Search System 1.0 - SQL Injection via Search Parameter
CVSS 7.2
CVE-2022-32016
HIGH
Complete Online Job Search System 1.0 - SQL Injection via Search Parameter
CVSS 7.2
CVE-2022-32015
HIGH
Complete Online Job Search System 1.0 - SQL Injection via Search Parameter
CVSS 7.2
CVE-2022-32014
HIGH
Complete Online Job Search System 1.0 - SQL Injection via Search Parameter
CVSS 7.2
CVE-2022-32013
HIGH
Complete Online Job Search System 1.0 - SQL Injection via Admin Category Edit ID Parameter
CVSS 7.2
CVE-2022-32012
HIGH
Complete Online Job Search System 1.0 - SQL Injection via Admin Employee Edit ID Parameter
CVSS 7.2
CVE-2022-32011
HIGH
Complete Online Job Search System 1.0 - SQL Injection via Admin Applicants View Parameter
CVSS 7.2
CVE-2022-32010
HIGH
Complete Online Job Search System 1.0 - SQL Injection via User Edit ID Parameter
CVSS 7.2
CVE-2022-32008
HIGH
Complete Online Job Search System 1.0 - SQL Injection via Vacancy Edit ID Parameter
CVSS 7.2
CVE-2022-32007
HIGH
Complete Online Job Search System 1.0 - SQL Injection via Admin Company Edit ID Parameter
CVSS 7.2
Details
Vulnerabilities
19,807
Exploit Likelihood
High