CWE-89: SQL Injection

CVE-2024-33164 is a critical SQL injection vulnerability in J2EEFAST v2.7.0 that allows attackers to execute arbitrary SQL commands via the sql_filter...

J2EEFAST v2.7.0 contains a SQL injection vulnerability in the commentList() function via the sql_filter parameter. This allows attackers to execute ar...

CVE-2024-33124 is a critical SQL injection vulnerability in Roothub v2.6 that allows attackers to execute arbitrary SQL commands via the nodeTitle par...

A SQL injection vulnerability in the Yvan Dotet PostgreSQL Query Deluxe module allows remote attackers to execute arbitrary SQL commands via the query...

A SQL injection vulnerability in campcodes Complete Web-Based School Management System 1.0 allows attackers to execute arbitrary SQL commands via the ...

A SQL injection vulnerability in Campcodes Complete Web-Based School Management System 1.0 allows attackers to execute arbitrary SQL commands via the ...

A SQL injection vulnerability in campcodes Complete Web-Based School Management System 1.0 allows attackers to execute arbitrary SQL commands via the ...

Kliqqi-CMS 2.0.2 contains a SQL injection vulnerability in load_data.php through the userid parameter. This allows attackers to execute arbitrary SQL ...

This SQL injection vulnerability in Gescen on centrosdigitales.net allows attackers to execute arbitrary SQL queries through the pass parameter, poten...

This is an unauthenticated SQL injection vulnerability in Voltronic Power ViewPower Pro that allows remote attackers to execute arbitrary code. Attack...

This is a critical SQL injection vulnerability in Voltronic Power ViewPower Pro that allows unauthenticated remote attackers to execute arbitrary code...

This SQL injection vulnerability in shipup versions before 3.3.0 allows remote attackers to execute arbitrary SQL commands via the getShopID function....

This SQL injection vulnerability in Webbax supernewsletter v1.4.21 and earlier allows remote attackers to execute arbitrary SQL commands via the produ...

This CVE describes a critical SQL injection vulnerability in the Hero hfheropayment PrestaShop module that allows attackers to execute arbitrary SQL c...

This CVE describes a critical SQL injection vulnerability in the Helloshop deliveryorderautoupdate PrestaShop module. Attackers can execute arbitrary ...

This CVE describes a critical SQL injection vulnerability in the Prestaddons flashsales module for PrestaShop. Attackers can execute arbitrary SQL com...

This CVE describes a SQL injection vulnerability in the FME Modules preorderandnotification module for PrestaShop. Attackers can execute arbitrary SQL...

CVE-2024-33444 is a critical SQL injection vulnerability in onethink v1.1 that allows remote attackers to execute arbitrary SQL commands via the Model...

This is a critical SQL injection vulnerability in PuneethReddyHC Event Management 1.0 that allows attackers to execute arbitrary SQL commands via the ...

This SQL injection vulnerability in PHP Task Management System v1.0 allows remote attackers to execute arbitrary SQL commands via the task_id paramete...

This SQL injection vulnerability in SEMCMS v4.8 allows remote attackers to extract sensitive database information by manipulating the ID parameter in ...

A critical SQL injection vulnerability in DerbyNet v9.0 allows remote attackers to execute arbitrary SQL commands via the where clause in award docume...

This CVE describes a critical SQL injection vulnerability in the Invoices page of phpgurukul Client Management System. Attackers can execute arbitrary...

This CVE describes a critical SQL injection vulnerability in phpgurukul Cyber Cafe Management System 1.0. Attackers can execute arbitrary SQL commands...

This SQL injection vulnerability in phpgurukul Cyber Cafe Management System allows attackers to execute arbitrary SQL commands via the Computer Locati...

An SQL injection vulnerability in the parisneo/lollms-webui application allows attackers to delete all discussion and message data by sending a crafte...

This CVE describes a critical SQL injection vulnerability in the Sourcecodester PHP Task Management System v1.0. Attackers can exploit this via crafte...

CVE-2024-3704 is a critical SQL injection vulnerability in OpenGnsys version 1.1.1d that allows attackers to bypass authentication and potentially acc...

This vulnerability allows attackers to execute arbitrary SQL commands through the password parameter in the login.php file of Sourcecodester Loan Mana...

This CVE describes a critical SQL injection vulnerability in PHPGurukul Men Salon Management System v2.0, allowing remote attackers to execute arbitra...

The LayerSlider WordPress plugin contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries. This ...

Alldata v0.4.6 contains a SQL injection vulnerability in the tablename parameter at the /data/masterdata/datas endpoint. This allows attackers to exec...

This is a critical SQL injection vulnerability in Sante PACS Server's token endpoint that allows unauthenticated remote attackers to execute arbitrary...

This SQL injection vulnerability in netentsec NS-ASG 6.3 allows attackers to execute arbitrary SQL commands via the /admin/edit_virtual_site_info.php ...

CVE-2024-30865 is a critical SQL injection vulnerability in netentsec NS-ASG 6.3 that allows attackers to execute arbitrary SQL commands via the /admi...

This SQL injection vulnerability in Egehan Security WebPDKS allows attackers to execute arbitrary SQL commands on the database. All installations of W...

This SQL injection vulnerability in TeoSOFT Software TeoBASE allows attackers to execute arbitrary SQL commands through unvalidated user input. All Te...

This vulnerability allows attackers to execute arbitrary SQL commands through the delete admin users function in SourceCodester PHP Task Management Sy...

CVE-2024-28421 is a critical SQL injection vulnerability in Razor 0.8.0 that allows remote attackers to execute arbitrary SQL commands via the Channel...

This SQL injection vulnerability in the scalapay PrestaShop module allows remote attackers to execute arbitrary SQL commands via the ScalapayReturnMod...

This SQL injection vulnerability in Mergen Software Quality Management System allows attackers to execute arbitrary SQL commands through unvalidated u...

This SQL injection vulnerability in the CIGESv2 system allows remote attackers to execute arbitrary SQL commands through the 'id' parameter in /ajaxCo...

This SQL injection vulnerability in the CIGESv2 system allows remote attackers to execute arbitrary SQL queries through the 'idServicio' parameter in ...

This critical SQL injection vulnerability in SeaCMS version 12.9 allows unauthenticated attackers to execute arbitrary SQL commands via the id paramet...

This SQL injection vulnerability in Sentrifugo 3.2 allows remote attackers to execute arbitrary SQL commands through the 'id' parameter in specific en...

This SQL injection vulnerability in Sentrifugo 3.2 allows remote attackers to execute arbitrary SQL queries through the 'bunitname' parameter in the b...

This is a critical SQL injection vulnerability in Sentrifugo 3.2 that allows remote attackers to execute arbitrary SQL queries through the 'sort_name'...

An unauthenticated SQL injection vulnerability exists in the SCAN_VISIO eDocument Suite Web Viewer login page via the 'user' parameter. This allows at...

This SQL injection vulnerability in tramyardg Autoexpress 1.3.0 allows remote unauthenticated attackers to execute arbitrary SQL commands via the 'id'...

This CVE describes a critical SQL injection vulnerability in Sourcecodester Employee Management System v1.0, allowing attackers to execute arbitrary S...