CWE-89: SQL Injection

Funadmin v3.2.0 contains a SQL injection vulnerability in the selectFields parameter at controller/auth/Auth.php. This allows attackers to execute arb...

This SQL injection vulnerability in Alpata Licensed Warehousing Automation System allows attackers to execute arbitrary SQL commands, potentially lead...

Best POS Management System 1.0 contains a SQL injection vulnerability in the id parameter at /billing/home.php. This allows attackers to execute arbit...

CVE-2023-27205 is a critical SQL injection vulnerability in Best POS Management System 1.0 that allows attackers to execute arbitrary SQL commands via...

Online Pizza Ordering System 1.0 contains a SQL injection vulnerability in the admin/manage_user.php endpoint via the id parameter. This allows attack...

This CVE describes a SQL injection vulnerability in Online Pizza Ordering System 1.0, allowing attackers to execute arbitrary SQL commands via the 'id...

This SQL injection vulnerability in Online Student Management System v1.0 allows attackers to execute arbitrary SQL commands via the searchdata parame...

This SQL injection vulnerability in Akinsoft Wolvox allows attackers to execute arbitrary SQL commands on the database. It affects all Wolvox installa...

Funadmin v3.2.0 contains a SQL injection vulnerability in the id parameter at /databases/table/list endpoint. This allows attackers to execute arbitra...

Funadmin v3.2.0 contains a SQL injection vulnerability in the id parameter at /databases/database/edit endpoint. This allows attackers to execute arbi...

CVE-2023-26922 is a critical SQL injection vulnerability in Varisicte matrix-gui v.2 that allows remote attackers to execute arbitrary code via the sh...

This SQL injection vulnerability in Ulkem Company's PtteM Kart software allows attackers to execute arbitrary SQL commands on the database. It affects...

Funadmin v3.2.0 contains a SQL injection vulnerability in the id parameter at /databases/table/columns endpoint. This allows attackers to execute arbi...

Funadmin v3.2.0 contains a SQL injection vulnerability in the selectFields parameter at /member/Member.php that allows attackers to execute arbitrary ...

Funadmin v3.2.0 contains a SQL injection vulnerability in the selectFields parameter at /member/MemberLevel.php. This allows attackers to execute arbi...

This SQL injection vulnerability in Mia Technology's Mia-Med software allows attackers to execute arbitrary SQL commands by injecting malicious input....

CVE-2021-36392 is a critical SQL injection vulnerability in Moodle's user enrollment library that allows attackers to execute arbitrary SQL queries. T...

This SQL injection vulnerability in MedDataPACS allows attackers to execute arbitrary SQL commands on the database. It affects all MedDataPACS install...

Judging Management System v1.0 contains a SQL injection vulnerability in the sid parameter at /php-jms/updateview.php that allows attackers to execute...

This SQL injection vulnerability in Judging Management System v1.0 allows attackers to execute arbitrary SQL commands via the sid parameter in the upd...

This SQL injection vulnerability in Accruent Maintenance Connection allows attackers to execute arbitrary SQL commands through the E-Mail to Work Orde...

CVE-2023-26780 is a SQL injection vulnerability in CleverStupidDog yf-exam version 1.8.0 that allows attackers to execute arbitrary SQL commands. This...

This SQL injection vulnerability in Glox Technology Useroam Hotspot allows attackers to execute arbitrary SQL commands through unvalidated user input....

CVE-2023-23315 is a critical blind SQL injection vulnerability in the PrestaShop stripejs module that allows attackers to execute arbitrary SQL comman...

This SQL injection vulnerability in Uzay Baskul Weighbridge Automation Software allows attackers to execute arbitrary SQL commands on the database. It...

This SQL injection vulnerability in Domotica Labs srl Ikon Server allows attackers to execute arbitrary SQL commands on the database. It affects all I...

This SQL injection vulnerability in Art Gallery Management System 1.0 allows attackers to execute arbitrary SQL commands via the username parameter in...

Davinci v0.3.0-rc contains a SQL injection vulnerability in the copyDisplay function that allows attackers to execute arbitrary SQL commands. This aff...

This SQL injection vulnerability in BMC Control-M allows attackers to execute arbitrary SQL commands via the memname JSON field. Attackers could poten...

This SQL injection vulnerability in SDD-Baro software allows attackers to execute arbitrary SQL commands on the database. It affects all SDD-Baro vers...

This SQL injection vulnerability in NTN Information Technologies Online Services Software allows attackers to execute arbitrary SQL commands by inject...

This vulnerability allows attackers to execute arbitrary SQL commands through the username parameter in Online Student Admission System 1.0. Attackers...

This CVE describes a SQL injection vulnerability in znfit Home improvement ERP management system that allows attackers to execute arbitrary SQL comman...

CVE-2023-23279 is a critical SQL injection vulnerability in Canteen Management System 1.0 that allows attackers to execute arbitrary SQL commands via ...

This SQL injection vulnerability in FantasticLBP Hotels Server v1.0 allows attackers to execute arbitrary SQL commands via the username parameter. Att...

CVE-2022-40032 is a critical SQL injection vulnerability in Simple Task Managing System version 1.0 that allows unauthenticated attackers to execute a...

This CVE describes an unauthenticated SQL injection vulnerability in Intern Record System version 1.0. Attackers can exploit parameters in the control...

LuckyframeWEB v3.5 contains a SQL injection vulnerability in the dataScope parameter at /system/DeptMapper.xml that allows attackers to execute arbitr...

LuckyframeWEB v3.5 contains a SQL injection vulnerability in the dataScope parameter at /system/UserMapper.xml that allows attackers to execute arbitr...

This CVE describes an SQL injection vulnerability in the cms-corephp project that allows unauthenticated attackers to bypass authentication and gain e...

This SQL injection vulnerability in Kliqqi-CMS allows attackers to manipulate database queries through the recordIDValue parameter in the admin panel....

CVE-2023-24084 is a critical SQL injection vulnerability in ChiKoi v1.0 that allows attackers to execute arbitrary SQL commands via the load_file func...

This SQL injection vulnerability in Group Arge Energy and Control Systems Smartpower Web allows attackers to execute arbitrary SQL commands through th...

This SQL injection vulnerability in Art Gallery Management System v1.0 allows attackers to execute arbitrary SQL commands via the cid parameter in pro...

This SQL injection vulnerability in Future-Depth Institutional Management Website (IMS) 1.0 allows attackers to execute arbitrary SQL commands via the...

Raffle Draw System v1.0 contains a SQL injection vulnerability in the save_ticket.php file via the id parameter. This allows attackers to execute arbi...

Raffle Draw System v1.0 contains SQL injection vulnerabilities in the save_winner.php endpoint via ticket_id and draw parameters. This allows attacker...

CVE-2021-37497 is a critical SQL injection vulnerability in PbootCMS 3.0.5 that allows remote attackers to execute arbitrary SQL commands via crafted ...

This SQL injection vulnerability in JIZHICMS 1.9.5 allows attackers to execute arbitrary SQL commands through the add or edit article pages. Attackers...

This SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to execute arbitrary SQL commands through the cat parameter in /list.ph...