CWE-89: SQL Injection

This CVE describes a SQL injection vulnerability in the theme volty tvcmsvideotab module for PrestaShop. Attackers can exploit this to execute arbitra...

ECTouch v2 contains a SQL injection vulnerability in the $arr['id'] parameter at \default\helpers\insert.php. This allows attackers to execute arbitra...

PHPJabbers Food Delivery Script 3.0 contains a SQL injection vulnerability in the 'q' parameter of index.php that allows attackers to execute arbitrar...

This SQL injection vulnerability in NVK iBSG v3.5 allows attackers to execute arbitrary SQL commands through the a_passwd parameter in the user regist...

Schoolmate v1.3 contains SQL injection vulnerabilities in the DeleteFunctions.php file via the $courseid and $teacherid parameters. Attackers can exec...

CVE-2023-39852 is a SQL injection vulnerability in Doctormms v1.0 that allows attackers to execute arbitrary SQL commands via the $userid parameter in...

CVE-2023-37847 is a SQL injection vulnerability in novel-plus v3.6.2 that allows attackers to execute arbitrary SQL commands. This affects all systems...

This CVE describes a SQL injection vulnerability in the School Faculty Scheduling System version 1.0 that allows remote attackers to execute arbitrary...

CVE-2023-39805 is a SQL injection vulnerability in iCMS v7.0.16 that allows attackers to execute arbitrary SQL commands via the where parameter in adm...

This SQL injection vulnerability in PHPJabbers Document Creator v1.0 allows attackers to execute arbitrary SQL commands via the 'column' parameter in ...

CVE-2023-37068 is a critical SQL injection vulnerability in Code-Projects Gym Management System V1.0 that allows remote attackers to execute arbitrary...

A critical SQL injection vulnerability in CSZCMS 1.3.0 allows remote attackers to execute arbitrary SQL commands through the p parameter or search URL...

This SQL injection vulnerability in the a2 Camera Trap Tracking System allows attackers to execute arbitrary SQL commands on the database. It affects ...

This SQL injection vulnerability in Digital Ant E-Commerce Software allows attackers to execute arbitrary SQL commands through user input. It affects ...

This SQL injection vulnerability in Oduyo Online Collection Software allows attackers to execute arbitrary SQL commands by injecting malicious input. ...

Judging Management System v1.0 contains a SQL injection vulnerability in the deductScores.php endpoint via the id parameter. This allows attackers to ...

This SQL injection vulnerability in Farmakom Remote Administration Console allows attackers to execute arbitrary SQL commands on the database. It affe...

This vulnerability allows unauthenticated remote attackers to execute arbitrary SQL queries on RUGGEDCOM CROSSBOW server databases. It affects all ver...

This SQL injection vulnerability in mAyaNet E-Commerce Software allows attackers to execute arbitrary SQL commands through unvalidated user input. All...

This SQL injection vulnerability in ProForms Basic Joomla extension allows attackers to execute arbitrary SQL commands through unsanitized user input....

This SQL injection vulnerability in HikaShop for Joomla allows attackers to execute arbitrary SQL commands through improper input sanitization. It aff...

CVE-2023-23757 is a critical SQL injection vulnerability in the BA Gallery Joomla extension that allows attackers to execute arbitrary SQL commands. T...

This SQL injection vulnerability in Control ID IDSecure allows unauthenticated attackers to write PHP files to the server's root directory, leading to...

This vulnerability allows attackers to execute arbitrary SQL commands through the search functionality in PHPGurukul Online Security Guards Hiring Sys...

CVE-2023-33665 is a SQL injection vulnerability in ai-dev aitable's /includes/ajax.php component that allows attackers to execute arbitrary SQL comman...

This SQL injection vulnerability in MotoCMS v3.4.3 allows remote attackers to execute arbitrary SQL commands via the keyword parameter in the search f...

CVE-2023-38954 is a critical SQL injection vulnerability in ZKTeco BioAccess IVS v3.3.1 that allows attackers to execute arbitrary SQL commands on the...

Art Gallery Management System v1.0 has a SQL injection vulnerability in the product.php page's cid parameter that allows attackers to execute arbitrar...

This vulnerability allows attackers to execute arbitrary SQL commands through the username field of the login page in Wifi Soft Unibox Administration ...

This is a critical SQL injection vulnerability in YunyeCMS 2.0.2 that allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-Fo...

This SQL injection vulnerability in PrestaShop's SendinBlue module allows remote attackers to execute arbitrary SQL commands via the ajaxOrderTracking...

This CVE describes an SQL injection vulnerability in Apache InLong's toAuditCkSql method where user-controlled parameters (groupId, streamId, auditId,...

This SQL injection vulnerability in Infodrom Software's E-Invoice Approval System allows attackers to execute arbitrary SQL commands through unvalidat...

This SQL injection vulnerability in eNdonesia 8.7 allows attackers to execute arbitrary SQL commands through the 'rid=' parameter in diskusi.php. Atta...

Millhouse-Project v1.414 contains a SQL injection vulnerability in the /add_post_sql.php component that allows remote attackers to execute arbitrary c...

This SQL injection vulnerability in the Payplug module for PrestaShop allows remote attackers to execute arbitrary SQL commands via the ajax.php front...

This CVE describes a SQL injection vulnerability in Locke-Bot 2.0.2, a Discord bot, that allows remote attackers to execute arbitrary SQL commands. At...

This SQL injection vulnerability in Digital Strategy Zekiweb allows attackers to execute arbitrary SQL commands through unvalidated user input. It aff...

This SQL injection vulnerability in Oliva Expertise EKS allows attackers to execute arbitrary SQL commands on the database. It affects all Oliva Exper...

A SQL injection vulnerability in the Boxtal (envoimoinscher) module for PrestaShop allows remote attackers to execute arbitrary SQL commands via the '...

This SQL injection vulnerability in VegaGroup Web Collection allows attackers to execute arbitrary SQL commands on the database. It affects all Web Co...

This SQL injection vulnerability in Elra Parkmatik allows attackers to execute arbitrary SQL commands through SOAP parameter tampering. Successful exp...

CVE-2023-37628 is a critical SQL injection vulnerability in Online Piggery Management System 1.0 that allows attackers to execute arbitrary SQL comman...

CVE-2023-37627 is a critical SQL injection vulnerability in Code-projects Online Restaurant Management System 1.0 that allows attackers to bypass auth...

CVE-2023-26861 is a critical SQL injection vulnerability in the Viva Wallet payment module for PrestaShop. Attackers can exploit this to execute arbit...

This SQL injection vulnerability in Tise Technology Parking Web Report allows attackers to execute arbitrary SQL commands on the database. It affects ...

This SQL injection vulnerability in Softmed SelfPatron allows attackers to execute arbitrary SQL commands on the database. It affects all SelfPatron i...

This SQL injection vulnerability in Yontem Informatics Vehicle Tracking System allows attackers to execute arbitrary SQL commands on the database. It ...

This SQL injection vulnerability in PrestaShop's Kerawen OCS module allows remote attackers to execute arbitrary SQL commands via specific components....

This SQL injection vulnerability in fossbilling allows attackers to execute arbitrary SQL commands through the application. It affects all users runni...