CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,807 vulnerabilities with CWE-89
CVE-2022-30823
HIGH
Wedding Management System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-30818
HIGH
Wedding Management System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-30817
CRITICAL
Simple Bus Ticket Booking System 1.0 - SQL Injection
CVSS 9.8
CVE-2022-30816
CRITICAL
elitecms 1.01 - SQL Injection via /admin/edit_sidebar.php
CVSS 9.8
CVE-2022-30815
CRITICAL
elitecms 1.01 - SQL Injection via admin/edit_sidebar.php
CVSS 9.8
CVE-2022-30814
CRITICAL
elitecms 1.01 - SQL Injection via /admin/add_sidebar.php
CVSS 9.8
CVE-2022-30813
CRITICAL
elitecms 1.01 - SQL Injection via /admin/add_post.php
CVSS 9.8
CVE-2022-30810
CRITICAL
elitecms 1.01 - SQL Injection via admin/edit_post.php
CVSS 9.8
CVE-2022-30809
CRITICAL
elitecms 1.01 - SQL Injection via /admin/edit_page.php
CVSS 9.8
CVE-2022-30799
HIGH
Online Ordering System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-30798
HIGH
Online Ordering System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-30797
CRITICAL
Online Ordering System 1.0 - SQL Injection
CVSS 9.8
CVE-2022-30795
HIGH
Online Ordering System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-30794
HIGH
Online Ordering System v1.0 - SQL Injection
CVSS 7.2
CVE-2022-30512
CRITICAL
School Dormitory Management System 1.0 - SQL Injection via Payment History Page
CVSS 9.8
CVE-2022-30511
CRITICAL
School Dormitory Management System 1.0 - SQL Injection via accounts/view_details.php
CVSS 9.8
CVE-2022-30510
CRITICAL
School Dormitory Management System 1.0 - SQL Injection via Daily Collection Report
CVSS 9.8
CVE-2022-30496
HIGH
IDCE MV 1.0 - SQL Injection via Logon Page User Field
CVSS 7.5
CVE-2022-30490
CRITICAL
Badminton Center Management System V1.0 - SQL Injection via id Parameter
CVSS 9.8
CVE-2022-30481
CRITICAL
food-order-and-table-reservation-system 1.0 - SQL Injection via catid Parameter
CVSS 9.8
CVE-2022-30478
CRITICAL
Ecommerce-project-with-php-and-mysqli-Fruits-Bazar 1.0 - SQL Injection via search_product.php Keyword Parameter
CVSS 9.8
CVE-2022-30352
CRITICAL
phpABook 0.9i - SQL Injection via auth_user Parameter
CVSS 9.8
CVE-2022-29659
CRITICAL
Responsive Online Blog v1.0 - SQL Injection via id Parameter
CVSS 9.8
CVE-2022-24240
CRITICAL
ACEweb Online Portal 3.5.065 - SQL Injection
CVSS 9.8
CVE-2022-24848
HIGH
DHIS2 < 2.36.10.1 - Authenticated SQL Injection via Programs API Endpoint
CVSS 8.8
Details
Vulnerabilities
19,807
Exploit Likelihood
High