CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,845 vulnerabilities with CWE-89
CVE-2019-25678
HIGH
C4G BLIS 3.4 SQL Injection via users_select.php
CVSS 8.2
CVE-2019-25676
HIGH
Ask Expert Script 3.0.5 Cross Site Scripting SQL Injection
CVSS 8.2
CVE-2019-25675
HIGH
eDirectory All Versions SQL Injection Authentication Bypass
CVSS 8.2
CVE-2019-25674
HIGH
CMSsite 1.0 SQL Injection via post Parameter
CVSS 8.2
CVE-2019-25672
HIGH
PilusCart 1.4.1 SQL Injection via send Parameter
CVSS 8.2
CVE-2019-25669
HIGH
qdPM 9.1 SQL Injection via search_by_extrafields Parameter
CVSS 8.2
CVE-2019-25668
HIGH
News Website Script 2.0.5 SQL Injection via index.php
CVSS 8.2
CVE-2019-25664
HIGH
SuiteCRM 7.10.7 SQL Injection via record Parameter
CVSS 7.1
CVE-2019-25663
HIGH
SuiteCRM 7.10.7 SQL Injection via parentTab Parameter
CVSS 7.1
CVE-2019-25662
HIGH
ResourceSpace 8.6 SQL Injection via watched_searches.php
CVSS 8.2
CVE-2019-25643
HIGH
eNdonesia Portal v8.7 SQL Injection via banners.php
CVSS 8.2
CVE-2019-25642
HIGH
Bootstrapy CMS Lastest Multiple SQL Injection via Forum and Contact Modules
CVSS 8.2
CVE-2019-25641
HIGH
Netartmedia Vlog System Lastest SQL Injection via email Parameter
CVSS 8.2
CVE-2019-25640
HIGH
Inout Article Base CMS Lastest SQL Injection via portalLogin.php
CVSS 8.2
CVE-2019-25639
HIGH
Matrimony Website Script M-Plus Multiple SQL Injection
CVSS 8.2
CVE-2019-25638
HIGH
Meeplace Business Review Script Lastest SQL Injection via addclick.php
CVSS 7.1
CVE-2019-25636
HIGH
Zeeways Jobsite CMS Lastest SQL Injection via id Parameter
CVSS 8.2
CVE-2019-25635
HIGH
Zeeways Matrimony CMS Lastest SQL Injection via profile_list
CVSS 8.2
CVE-2019-25581
HIGH
i-doit CMDB 1.12 SQL Injection via objGroupID Parameter
CVSS 8.2
CVE-2019-25578
HIGH
phpTransformer 2016.9 SQL Injection via GeneratePDF.php
CVSS 8.2
CVE-2019-25576
HIGH
Kepler Wallpaper Script 1.1 SQL Injection via category
CVSS 8.2
CVE-2019-25575
HIGH
SimplePress CMS 1.0.7 SQL Injection via p and s Parameters
CVSS 8.2
CVE-2019-25573
HIGH
Green CMS 2.x SQL Injection via cat Parameter
CVSS 7.1
CVE-2019-25543
HIGH
Netartmedia Real Estate Portal 5.0 - SQL Injection
CVSS 8.2
CVE-2019-25542
HIGH
Netartmedia Real Estate Portal 5.0 - SQL Injection
CVSS 8.2
Details
Vulnerabilities
19,845
Exploit Likelihood
High