CWE-89: SQL Injection

This SQL injection vulnerability in the Theme Volty CMS Category Product module for PrestaShop allows unauthenticated attackers to execute arbitrary S...

This vulnerability allows unauthenticated attackers to execute arbitrary SQL commands on PrestaShop installations using the Theme Volty CMS Category C...

This CVE describes an SQL injection vulnerability in the Theme Volty CMS Category Slider module for PrestaShop. Unauthenticated attackers can execute ...

CVE-2023-43980 is a SQL injection vulnerability in Presto Changeo testsitecreator module for PrestaShop. Attackers can execute arbitrary SQL commands ...

This is a SQL injection vulnerability in the 'bookisbn' parameter of cart.php that allows attackers to execute arbitrary SQL commands on the database....

This CVE describes an SQL injection vulnerability in the Email parameter of process_login.php. Attackers can inject malicious SQL commands to manipula...

This is a SQL injection vulnerability in the 'age' parameter of process_registration.php that allows attackers to execute arbitrary SQL commands on th...

Asset Management System v1.0 contains an unauthenticated SQL injection vulnerability in the email parameter of index.php. This allows attackers to ext...

This CVE describes an SQL injection vulnerability in a hospital management system that allows attackers to bypass authentication. Attackers can exploi...

This SQL injection vulnerability in Packers and Movers Management System v1.0 allows attackers to execute arbitrary SQL commands via the id parameter ...

This SQL injection vulnerability in Economizzer allows attackers to execute arbitrary SQL commands via the 'category_id' parameter in the cash book's ...

This SQL injection vulnerability in Hedef Tracking Admin Panel allows attackers to execute arbitrary SQL commands through the admin interface. It affe...

This SQL injection vulnerability in MRV Tech Logging Administration Panel allows attackers to execute arbitrary SQL commands through the web interface...

CVE-2023-39640 is a SQL injection vulnerability in UpLight cookiebanner module for PrestaShop that allows attackers to execute arbitrary SQL commands....

This SQL injection vulnerability in janobe Online Job Portal v.2020 allows remote attackers to execute arbitrary SQL commands via the ForPass.php comp...

This is a critical SQL injection vulnerability in the OpartFAQ module for PrestaShop that allows remote attackers to execute arbitrary SQL commands. A...

Dreamer CMS v4.1.3 contains a SQL injection vulnerability in the model-form-management-field form that allows attackers to execute arbitrary SQL comma...

This CVE describes a critical SQL injection vulnerability in the PrestaShop opartplannedpopup module. Attackers can execute arbitrary SQL commands rem...

This CVE describes a SQL injection vulnerability in the SimpleImportProduct Prestashop module that allows attackers to execute arbitrary SQL commands ...

This SQL injection vulnerability in Hoteldruid v3.0.5 allows attackers to execute arbitrary SQL commands via the id_utente_log parameter in the person...

CVE-2023-43371 is a critical SQL injection vulnerability in Hoteldruid v3.0.5 that allows attackers to execute arbitrary SQL commands via the numcasel...

This SQL injection vulnerability in Exam Form Submission in PHP v1.0 allows remote attackers to execute arbitrary SQL commands via the val-username pa...

CVE-2023-41887 is a critical remote code execution vulnerability in OpenRefine that allows unauthenticated attackers to execute arbitrary code on the ...

This SQL injection vulnerability in Besttem Network Marketing Software allows attackers to execute arbitrary SQL commands on the database. It affects ...

This SQL injection vulnerability in Ncode Ncep allows attackers to execute arbitrary SQL commands on the database. It affects all Ncep installations b...

This SQL injection vulnerability in Cevik Informatics Online Payment System allows attackers to execute arbitrary SQL commands via unvalidated user in...

This SQL injection vulnerability in Sanalogy Turasistan allows attackers to execute arbitrary SQL commands through unvalidated user input. It affects ...

This CVE describes a SQL injection vulnerability in the Bl Modules xmlfeeds PrestaShop module before version 3.9.8. Attackers can exploit the SearchAp...

This SQL injection vulnerability in the psaffiliate PrestaShop module allows attackers to execute arbitrary SQL commands through the PsaffiliateGetaff...

This SQL injection vulnerability in FIT2CLOUD RackShift v1.7.1 allows attackers to execute arbitrary SQL commands via the 'sort' parameter in multiple...

This SQL injection vulnerability in Movus software allows attackers to execute arbitrary SQL commands by injecting malicious input. It affects all Mov...

This SQL injection vulnerability in Aceka Company Management allows attackers to execute arbitrary SQL commands on the database. All organizations run...

CVE-2023-40945 is a critical SQL injection vulnerability in Sourcecodester Doctor Appointment System 1.0 that allows attackers to execute arbitrary SQ...

CVE-2023-30058 is a SQL injection vulnerability in novel-plus version 3.6.2 that allows attackers to execute arbitrary SQL commands. This affects all ...

Jeecg Boot versions up to 3.5.3 contain a SQL injection vulnerability in the /jeecg-boot/jmreport/show component. This allows attackers to execute arb...

Zoo Management System v1.0 contains SQL injection vulnerabilities in the admin login page that allow attackers to bypass authentication and execute ar...

CVE-2023-4485 is an unauthenticated blind SQL injection vulnerability in ARDEREG Sistema SCADA Central login page. Attackers can execute arbitrary SQL...

Super Store Finder v3.6 contains SQL injection vulnerabilities in its store locator component that allow attackers to execute arbitrary SQL commands v...

CVE-2023-39361 is a critical SQL injection vulnerability in Cacti's graph_view.php that allows unauthenticated attackers to execute arbitrary SQL comm...

This SQL injection vulnerability in abupy allows attackers to execute arbitrary SQL commands through the search_to_symbol_dict function. It affects al...

This SQL injection vulnerability in Digita Information Technology Smartrise Document Management System allows attackers to execute arbitrary SQL comma...

This SQL injection vulnerability in Mestav Software E-commerce Software allows attackers to execute arbitrary SQL commands through unvalidated user in...

This SQL injection vulnerability in BMA Personnel Tracking System allows attackers to execute arbitrary SQL commands through user inputs. It affects a...

Audimexee v14.1.7 contains a SQL injection vulnerability in the p_table_name parameter that allows attackers to execute arbitrary SQL commands. This a...

This SQL injection vulnerability in Tine Groupware allows attackers to execute arbitrary SQL commands through the sort parameter of the /index.php end...

This SQL injection vulnerability in GruppoSCAI RealGimm v1.1.37p38 allows attackers to execute arbitrary SQL commands through the 'Data Richiesta dal'...

CVE-2023-31714 is a critical SQL injection vulnerability in Chitor-CMS that allows attackers to execute arbitrary SQL commands. This affects all Chito...

This CVE describes a critical SQL injection vulnerability in TripSpark VEO Transportation and NovusEDU software. Attackers can inject malicious SQL co...

This CVE describes a SQL injection vulnerability in SpringBlade v3.6.0 where user-submitted parameters are not properly sanitized with quotation marks...

Theme Volty CMS Blog versions up to v4.0.1 contain a SQL injection vulnerability in the id parameter at the /tvcmsblog/single endpoint. This allows at...