CWE-564: CWE-564

Total CVEs

Critical

High

6.7

Avg CVSS

Yearly Trend

2026

2025

Top Affected Vendors

1 Coreshop 2

2 Apache 1

3 Tim Solutions 1

4 Opentext 1

5 Imithemes 1

All CWE-564 CVEs (6)

CVE-2025-8052

8.8

This SQL injection vulnerability in OpenText Flipper allows low-privilege users to execute arbitrary SQL queries through the HQL processor, potentiall...

Oct 20, 2025

CVE-2025-0959

8.8

This SQL injection vulnerability in the Eventer WordPress plugin allows authenticated attackers with Subscriber-level access or higher to inject malic...

Mar 7, 2025

CVE-2024-48988

7.6

This CVE describes an SQL injection vulnerability in Apache StreamPark's SpringBoot distribution package that allows authenticated attackers to execut...

Aug 22, 2025

CVE-2025-67280

5.4

Multiple Hibernate Query Language injection vulnerabilities in TIM BPM Suite/TIM FLOW allow low-privileged authenticated users to extract other users'...

Jan 9, 2026

CVE-2026-23959

4.9

An error-based SQL injection vulnerability in CoreShop's admin panel allows attackers to extract database information through crafted requests. This a...

Jan 22, 2026

CVE-2026-22242

4.9

CoreShop versions before 4.1.8 contain a blind SQL injection vulnerability that allows authenticated administrator users to extract database contents ...

Jan 8, 2026

About CWE-564 (CWE-564)

Our database tracks 6 CVEs classified as CWE-564, with 0 rated critical and 3 rated high severity. The average CVSS score for CWE-564 vulnerabilities is 6.7.

External reference: View CWE-564 on MITRE CWE →

Monitor CWE-564 Vulnerabilities

Get alerted when new CWE-564 CVEs affect your infrastructure.

Start Monitoring Free