CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,824 vulnerabilities with CWE-89
CVE-2021-25054
HIGH
WPcalc < 2.1 - Authenticated SQL Injection via 'did' Parameter
CVSS 8.8
CVE-2021-24949
CRITICAL
The Plus Addons for Elementor <5.0.7 - SQL Injection
CVSS 9.8
CVE-2021-24862
HIGH
Wordpress RegistrationMagic task_ids Authenticated SQLi
CVSS 7.2
CVE-2021-45334
CRITICAL
Sourcecodester Online Thesis Archiving System 1.0 - SQL Injection
CVSS 9.8
CVE-2021-39978
HIGH
HarmonyOS < 2.0 - SQL Injection in Telephony Application
CVSS 7.5
CVE-2021-25030
HIGH
Events Made Easy WordPress <2.2.36 - SQL Injection
CVSS 8.8
CVE-2021-25023
HIGH
WordPress Plugin <4.3.3.1 - SQL Injection
CVSS 7.2
CVE-2021-24786
HIGH
WordPress Download Monitor <4.4.5 - SQL Injection
CVSS 7.2
CVE-2021-36722
HIGH
Emuse eServices/eNvoice - SQL Injection
CVSS 7.1
CVE-2021-44161
HIGH
Changing MOTP >=3.5 - Unauthenticated SQL Injection via Specific Function Parameter
CVSS 8.8
CVE-2021-45814
CRITICAL
Nettmp NNT 5.1 - SQL Injection
CVSS 9.8
CVE-2021-24753
HIGH
Rich Reviews by Starfish <1.9.6 - SQL Injection
CVSS 7.2
CVE-2021-44600
HIGH
Simple Online Men's Salon Management System 1.0 - SQL Injection via Password Parameter
CVSS 7.5
CVE-2021-44599
HIGH
Online Enrollment Management System 1.0 - SQL Injection via ID Parameter
CVSS 7.5
CVE-2021-21937
MEDIUM
Advantech R-SeeNet - Authenticated SQL Injection via host_alt_filter Parameter
CVSS 6.5
CVE-2021-21936
HIGH
Advantech R-SeeNet - Authenticated SQL Injection via health_alt_filter Parameter
CVSS 8.8
CVE-2021-21935
MEDIUM
Advantech R-SeeNet - Authenticated SQL Injection via host_alt_filter2 Parameter
CVSS 6.5
CVE-2021-21934
MEDIUM
Advantech R-SeeNet - Authenticated SQL Injection via imei_filter Parameter
CVSS 6.5
CVE-2021-21933
MEDIUM
Advantech R-SeeNet - Authenticated SQL Injection via esn_filter Parameter
CVSS 6.5
CVE-2021-21932
MEDIUM
Advantech R-SeeNet - Authenticated SQL Injection via name_filter Parameter
CVSS 6.5
CVE-2021-21931
MEDIUM
Advantech R-SeeNet - Authenticated SQL Injection via stat_filter Parameter
CVSS 6.5
CVE-2021-21930
MEDIUM
Advantech R-SeeNet - Authenticated SQL Injection via sn_filter Parameter
CVSS 6.5
CVE-2021-21929
MEDIUM
Advantech R-SeeNet - Authenticated SQL Injection via prod_filter Parameter
CVSS 6.5
CVE-2021-21928
MEDIUM
Advantech R-SeeNet - Authenticated SQL Injection via mac_filter Parameter
CVSS 6.5
CVE-2021-21927
MEDIUM
Advantech R-SeeNet - Authenticated SQL Injection via loc_filter Parameter
CVSS 6.5
Details
Vulnerabilities
19,824
Exploit Likelihood
High