CWE-89: SQL Injection

This SQL injection vulnerability in Apache Cocoon allows attackers to execute arbitrary SQL commands on affected systems. It affects Apache Cocoon ver...

This vulnerability allows unauthenticated attackers to execute arbitrary SQL queries on PrestaShop installations using the vulnerable 'Product Catalog...

A SQL injection vulnerability in Meshery allows remote attackers to execute arbitrary SQL commands through the 'order' parameter, potentially leading ...

This SQL injection vulnerability in Veribilim Software Computer Veribase allows attackers to execute arbitrary SQL commands through specially crafted ...

This vulnerability allows unauthenticated attackers to execute arbitrary SQL queries on PrestaShop installations using the 'Cross Selling in Modal Car...

This vulnerability allows unauthenticated attackers to execute arbitrary SQL commands on PrestaShop installations using the Chronopost Official module...

This SQL injection vulnerability in Veon Computer Service Tracking Software allows attackers to execute arbitrary SQL commands on the database. It aff...

This SQL injection vulnerability in DRD Fleet Leasing DRDrive allows attackers to execute arbitrary SQL commands through the application. It affects a...

CVE-2023-37924 is an SQL injection vulnerability in Apache Submarine's login functionality that allows attackers to bypass authentication and gain una...

CVE-2023-5652 is a critical SQL injection vulnerability in the WP Hotel Booking WordPress plugin. Unauthenticated attackers can exploit missing author...

This CVE describes a critical SQL injection vulnerability in the Article Analytics WordPress plugin. Unauthenticated attackers can exploit it by sendi...

This is a critical SQL injection vulnerability in LuxCal Web Calendar that allows remote unauthenticated attackers to execute arbitrary SQL commands. ...

This vulnerability allows unauthenticated attackers to perform SQL injection attacks on PrestaShop websites using the 'Product Catalog Export PRO' mod...

This SQL injection vulnerability in Simple CRUD Functionality v1.0 allows attackers to execute arbitrary SQL commands through the 'title' parameter in...

This SQL injection vulnerability in LMXCMS v1.4 allows attackers to execute arbitrary SQL commands through the TagsAction.class component. Attackers c...

CVE-2023-47445 is a critical SQL injection vulnerability in Pre-School Enrollment System version 1.0 that allows attackers to execute arbitrary SQL co...

This SQL injection vulnerability in ETS Soft ybc_blog allows attackers to execute arbitrary SQL commands through the getPosts() function. It affects a...

This SQL injection vulnerability in WBCE CMS's miniform module allows remote unauthenticated attackers to execute arbitrary SQL commands via the DB_RE...

Online Matrimonial Project v1.0 has unauthenticated SQL injection vulnerabilities in the view_profile.php resource. Attackers can execute arbitrary SQ...

Online Matrimonial Project v1.0 contains unauthenticated SQL injection vulnerabilities in the register() function's 'day' parameter, allowing attacker...

Online Matrimonial Project v1.0 contains unauthenticated SQL injection vulnerabilities in the auth/auth.php resource. Attackers can execute arbitrary ...

Online Matrimonial Project v1.0 has unauthenticated SQL injection vulnerabilities in the functions.php resource. Attackers can execute arbitrary SQL c...

Online Matrimonial Project v1.0 contains unauthenticated SQL injection vulnerabilities in the partner_preference.php resource. Attackers can execute a...

Online Job Portal v1.0 has unauthenticated SQL injection vulnerabilities in the 'txt_uname_email' parameter of index.php, allowing attackers to execut...

Online Job Portal v1.0 has unauthenticated SQL injection vulnerabilities in the sign-up.php file, specifically in the 'txt_uname' parameter. This allo...

RemoteClinic 2.0 contains a time-based blind SQL injection vulnerability in the patients/index.php 'start' parameter that allows attackers to extract ...

This is a critical SQL injection vulnerability in Tyk Gateway's API endpoint that allows attackers to execute arbitrary SQL queries without authentica...

This SQL injection vulnerability in the WordPress Subscribe to Category plugin allows attackers to execute arbitrary SQL commands on the database. It ...

This vulnerability allows unauthenticated attackers to execute arbitrary SQL commands on WordPress sites using the Contact Form 7 Custom Validation pl...

This SQL injection vulnerability in the Seriously Simple Stats WordPress plugin allows attackers to execute arbitrary SQL commands on the database. It...

This SQL injection vulnerability in the InspireUI MStore API WordPress plugin allows attackers to execute arbitrary SQL commands on the database. It a...

This SQL injection vulnerability in the Advanced Page Visit Counter WordPress plugin allows attackers to execute arbitrary SQL commands on the databas...

This SQL injection vulnerability in the WP Reroute Email WordPress plugin allows attackers to execute arbitrary SQL commands. It affects all WordPress...

This SQL injection vulnerability in the Felix Welberg SIS Handball WordPress plugin allows attackers to execute arbitrary SQL commands on the database...

This SQL injection vulnerability in the Slimstat Analytics WordPress plugin allows attackers to execute arbitrary SQL commands on the database. It aff...

This SQL injection vulnerability in the WordPress Short URL plugin allows attackers to execute arbitrary SQL commands on the database. It affects all ...

This SQL injection vulnerability in the WpDevArt Booking Calendar plugin for WordPress allows attackers to execute arbitrary SQL commands on the datab...

This SQL injection vulnerability in the WordPress Shortcode IMDB plugin allows attackers to execute arbitrary SQL commands on the database. It affects...

A SQL injection vulnerability in Novel-Plus v4.2.0 allows remote attackers to execute arbitrary SQL commands via the sort parameter in the /common/log...

This SQL injection vulnerability in kerawen e-commerce software allows attackers to execute arbitrary SQL commands through the ocs_id_cart parameter. ...

This SQL injection vulnerability in the Houzez Real Estate WordPress theme allows attackers to execute arbitrary SQL commands on the database. It affe...

CVE-2022-46818 is an SQL injection vulnerability in the WordPress 'Email posts to subscribers' plugin. It allows attackers to execute arbitrary SQL co...

This SQL injection vulnerability in the Paytm Payment Gateway WordPress plugin allows attackers to execute arbitrary SQL commands on the database. It ...

This SQL injection vulnerability in the Spiffy Calendar WordPress plugin allows attackers to execute arbitrary SQL commands. It affects all versions u...

This SQL injection vulnerability in the WordPress Be POPIA Compliant plugin allows attackers to execute arbitrary SQL commands on the database. It aff...

This SQL injection vulnerability in the MapPress Maps for WordPress plugin allows authenticated attackers to execute arbitrary SQL commands on the dat...

This SQL injection vulnerability in the Simple Photo Gallery WordPress plugin allows attackers to execute arbitrary SQL commands on the database. It a...

This SQL injection vulnerability in RelativityOne allows remote attackers to execute arbitrary SQL commands via the name parameter. Attackers can pote...

Online Food Ordering System v1.0 has unauthenticated SQL injection vulnerabilities in the routers/add-ticket.php endpoint. Attackers can execute arbit...

Online Food Ordering System v1.0 contains unauthenticated SQL injection vulnerabilities in the routers/user-router.php resource. Attackers can execute...