CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,807 vulnerabilities with CWE-89
CVE-2022-31976
CRITICAL
Online Fire Reporting System 1.0 - SQL Injection via Master.php delete_request Parameter
CVSS 9.8
CVE-2022-31975
HIGH
Online Fire Reporting System 1.0 - SQL Injection via User Management ID Parameter
CVSS 7.2
CVE-2022-31974
HIGH
Online Fire Reporting System 1.0 - SQL Injection via Date Parameter
CVSS 7.2
CVE-2022-31971
HIGH
ChatBot App with Suggestion 1.0 - SQL Injection via Response View ID Parameter
CVSS 7.2
CVE-2022-31970
HIGH
ChatBot App with Suggestion v1.0 - SQL Injection via Response Management ID Parameter
CVSS 7.2
CVE-2022-31969
CRITICAL
ChatBot App with Suggestion 1.0 - SQL Injection via Manage User ID Parameter
CVSS 9.8
CVE-2022-31965
CRITICAL
Rescue Dispatch Management System 1.0 - SQL Injection via manage_respondent_type.php id Parameter
CVSS 9.8
CVE-2022-31964
CRITICAL
Rescue Dispatch Management System 1.0 - SQL Injection via id Parameter
CVSS 9.8
CVE-2022-31962
CRITICAL
Rescue Dispatch Management System 1.0 - SQL Injection via Incident ID Parameter
CVSS 9.8
CVE-2022-31961
CRITICAL
Rescue Dispatch Management System 1.0 - SQL Injection via manage_incident.php id Parameter
CVSS 9.8
CVE-2022-31959
CRITICAL
Rescue Dispatch Management System 1.0 - SQL Injection via manage_team.php id Parameter
CVSS 9.8
CVE-2022-31957
CRITICAL
Rescue Dispatch Management System 1.0 - SQL Injection via view_team.php id Parameter
CVSS 9.8
CVE-2022-31956
CRITICAL
Rescue Dispatch Management System 1.0 - SQL Injection via manage_report.php id Parameter
CVSS 9.8
CVE-2022-31953
CRITICAL
Rescue Dispatch Management System 1.0 - SQL Injection via Incident Report ID Parameter
CVSS 9.8
CVE-2022-31952
CRITICAL
Rescue Dispatch Management System 1.0 - SQL Injection via Master.php delete_incident Parameter
CVSS 9.8
CVE-2022-31951
CRITICAL
Rescue Dispatch Management System 1.0 - SQL Injection via Master.php Respondent Type Deletion
CVSS 9.8
CVE-2022-31948
CRITICAL
Rescue Dispatch Management System 1.0 - SQL Injection via Master.php delete_report Parameter
CVSS 9.8
CVE-2022-31946
CRITICAL
Rescue Dispatch Management System 1.0 - SQL Injection via Master.php delete_team Parameter
CVSS 9.8
CVE-2022-31354
CRITICAL
Online Car Wash Booking System v1.0 - SQL Injection
CVSS 9.8
CVE-2022-31353
CRITICAL
Online Car Wash Booking System v1.0 - SQL Injection
CVSS 9.8
CVE-2022-31352
CRITICAL
Online Car Wash Booking System v1.0 - SQL Injection
CVSS 9.8
CVE-2022-31351
CRITICAL
Online Car Wash Booking System v1.0 - SQL Injection
CVSS 9.8
CVE-2022-31350
CRITICAL
Online Car Wash Booking System v1.0 - SQL Injection
CVSS 9.8
CVE-2022-31348
CRITICAL
Online Car Wash Booking System v1.0 - SQL Injection
CVSS 9.8
CVE-2022-31347
CRITICAL
Online Car Wash Booking System v1.0 - SQL Injection
CVSS 9.8
Details
Vulnerabilities
19,807
Exploit Likelihood
High