Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-89

CWE-89

High likelihood

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Parent: CWE-943 - Improper Neutralization of Special Elements in Data Query Logic

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

18,856 vulnerabilities with CWE-89

CVE-2026-6182 HIGH

code-projects Simple Content Management System login.php sql injection

CVE-2026-36945 LOW

Computer and Mobile Repair Shop Management System 1.0 - SQL Injection

CVE-2026-36944 LOW

Computer and Mobile Repair Shop Management System 1.0 - SQL Injection

CVE-2026-36943 LOW

Computer and Mobile Repair Shop Management System 1.0 - SQL Injection

CVE-2026-36941 LOW

Online Resort Management System 1.0 - SQL Injection

CVE-2026-36947 LOW

Computer and Mobile Repair Shop Management System 1.0 - SQL Injection

CVE-2026-36946 LOW

Computer and Mobile Repair Shop Management System 1.0 - SQL Injection

CVE-2026-36923 LOW

Sourcecodester Cab Management System 1.0 - SQL Injection

CVE-2026-36922 LOW

Sourcecodester Cab Management System 1.0 - SQL Injection

CVE-2026-36920 LOW

Online Reviewer System 1.0 - SQL Injection

CVE-2026-36919 LOW

Sourcecodester Online Reviewer System 1.0 - SQL Injection

CVE-2026-36874 LOW

Basic Library System 1.0 - SQL Injection

CVE-2026-36873 LOW

Basic Library System 1.0 - SQL Injection

CVE-2026-36872 LOW

Basic Library System 1.0 - SQL Injection

CVE-2026-6167 HIGH

code-projects Faculty Management System subject-print.php sql injection

CVE-2026-6166 HIGH

code-projects Vehicle Showroom Management System UpdateVehicleFunction.php sql injection

CVE-2026-3830 HIGH

Product Filter for WooCommerce by WBW < 3.1.3 - Unauthenticated SQLi

CVE-2026-6165 HIGH

code-projects Vehicle Showroom Management System Login_check.php sql injection

CVE-2026-6164 HIGH

code-projects Lost and Found Thing Management addcat.php sql injection

CVE-2026-6163 HIGH

code-projects Lost and Found Thing Management catageory.php sql injection

CVE-2026-6161 HIGH

code-projects Simple ChatBox Endpoint insert.php sql injection

CVE-2026-6153 HIGH

code-projects Vehicle Showroom Management System StaffDetailsFunction.php sql injection

CVE-2026-6152 HIGH

code-projects Vehicle Showroom Management System StaffAddingFunction.php sql injection

CVE-2026-6151 HIGH

code-projects Vehicle Showroom Management System PaymentStatusFunction.php sql injection

CVE-2026-6149 HIGH

code-projects Vehicle Showroom Management System BookVehicleFunction.php sql injection

Previous Page 8 of 755 Next

Details

Vulnerabilities 18,856

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy