CWE-89: SQL Injection

Online Fire Reporting System v1.0 contains a SQL injection vulnerability in the delete_inquiry function that allows attackers to execute arbitrary SQL...

CVE-2022-31946 is a critical SQL injection vulnerability in Rescue Dispatch Management System v1.0 that allows attackers to execute arbitrary SQL comm...

Simple Inventory System v1.0 contains a SQL injection vulnerability in the table_edit_ajax.php endpoint that allows attackers to execute arbitrary SQL...

Online Car Wash Booking System v1.0 contains a SQL injection vulnerability in the admin booking details page that allows attackers to execute arbitrar...

Online Car Wash Booking System v1.0 contains a SQL injection vulnerability in the admin panel's user management page. Attackers can exploit this to ex...

Online Car Wash Booking System v1.0 contains a SQL injection vulnerability in the delete_vehicle function that allows attackers to execute arbitrary S...

Online Car Wash Booking System v1.0 contains a SQL injection vulnerability in the admin vehicle management interface that allows attackers to execute ...

CVE-2022-31352 is a critical SQL injection vulnerability in Online Car Wash Booking System v1.0 that allows attackers to execute arbitrary SQL command...

Online Car Wash Booking System v1.0 contains a SQL injection vulnerability in the get_vehicle_service endpoint that allows attackers to execute arbitr...

Online Ordering System version 2.3.2 contains a SQL injection vulnerability in the products parameter that allows attackers to execute arbitrary SQL c...

CVE-2022-31329 is a critical SQL injection vulnerability in Online Ordering System by janobe version 2.3.2 that allows attackers to execute arbitrary ...

Online Ordering System 2.3.2 contains a SQL injection vulnerability in the /ordering/admin/stockin/loaddata.php endpoint that allows attackers to exec...

Online Ordering System 2.3.2 contains a SQL injection vulnerability in the admin user management interface that allows attackers to execute arbitrary ...

EliteCMS v1.01 contains a SQL injection vulnerability in the admin/edit_post.php endpoint that allows attackers to execute arbitrary SQL commands. Thi...

EliteCMS v1.01 contains a SQL injection vulnerability in the /admin/add_sidebar.php endpoint that allows attackers to execute arbitrary SQL commands. ...

CVE-2022-30816 is a critical SQL injection vulnerability in elitecms 1.01 that allows attackers to execute arbitrary SQL commands via the /admin/edit_...

Online Ordering System 1.0 contains a SQL injection vulnerability in the admin/vieworders.php endpoint that allows attackers to execute arbitrary SQL ...

CVE-2022-30511 is a critical SQL injection vulnerability in School Dormitory Management System 1.0 that allows attackers to execute arbitrary SQL comm...

CVE-2022-30481 is a critical SQL injection vulnerability in Food Order and Table Reservation System 1.0 that allows attackers to execute arbitrary SQL...

Badminton Center Management System V1.0 contains an SQL injection vulnerability in the court rental status update functionality. Attackers can exploit...

CVE-2022-30352 is a SQL injection vulnerability in phpABook 0.9i that allows attackers to execute arbitrary SQL commands via the 'auth_user' parameter...

This vulnerability allows attackers to execute arbitrary SQL commands via the 'id' parameter in single.php in Responsive Online Blog v1.0. This can le...

CVE-2021-44095 is a critical SQL injection vulnerability in ProjectWorlds Hospital Management System in PHP 1.0 that allows remote attackers to execut...

CVE-2021-44097 is a critical SQL injection vulnerability in EGavilan Media's Contact-Form-With-Messages-Entry-Management plugin version 1.0. Attackers...

CVE-2021-26634 is a critical vulnerability in Maxboard software that allows SQL injection and file upload attacks due to insufficient input validation...

This SQL injection vulnerability in zzcms 2019 allows attackers to execute arbitrary SQL commands through the id parameter in /admin/dl_sendsms.php. T...

This SQL injection vulnerability in zzcms 2019 allows attackers to execute arbitrary SQL commands via the id parameter in dl/dl_print.php. Any system ...

This vulnerability allows attackers to execute arbitrary SQL commands on WordPress sites using the StaffList plugin before version 3.1.5. The SQL inje...

CVE-2022-30493 is a critical SQL injection vulnerability in oretnom23 Automotive Shop Management System v1.0 that allows remote attackers to extract d...

CVE-2022-30500 is a SQL injection vulnerability in Jfinal CMS 5.1.0 that allows attackers to execute arbitrary SQL commands through crafted inputs. Th...

CVE-2022-29660 is a critical SQL injection vulnerability in CSCMS Music Portal System v4.2 that allows attackers to execute arbitrary SQL commands via...

CVE-2022-30838 is a critical SQL injection vulnerability in Covid-19 Travel Pass Management System v1.0 that allows attackers to execute arbitrary SQL...

Water Billing Management System v1.0 contains a SQL injection vulnerability in the delete_client function that allows attackers to execute arbitrary S...

Merchandise Online Store 1.0 contains a SQL injection vulnerability in the delete_product function that allows attackers to execute arbitrary SQL comm...

CVE-2022-0781 is an unauthenticated SQL injection vulnerability in the Nirweb Support WordPress plugin. Attackers can execute arbitrary SQL commands t...

This vulnerability allows attackers to execute arbitrary SQL commands through the username field in the admin login page of Covid-19 Directory on Vacc...

This CVE describes a SQL injection vulnerability in ChatBot Application with a Suggestion Feature 1.0. Attackers can inject malicious SQL commands via...

CVE-2021-37413 is a critical SQL injection vulnerability in GRANDCOM DynWEB's admin login interface that allows unauthenticated attackers to execute a...

CVE-2022-30599 is a critical SQL injection vulnerability in Moodle's badges functionality that allows attackers to execute arbitrary SQL commands. Thi...

CVE-2022-30052 is a critical SQL injection vulnerability in Home Clean Service System 1.0's password parameter, allowing attackers to execute arbitrar...

CVE-2022-30054 is a critical SQL injection vulnerability in Covid 19 Travel Pass Management 1.0 that allows attackers to execute arbitrary SQL command...

Metasonic Doc WebClient versions 7.0.14.0, 7.0.12.0, and 7.0.3.0 contain a SQL injection vulnerability in the username field when SSO or System authen...

CVE-2022-0867 is a critical SQL injection vulnerability in the Pricing Table WordPress plugin that allows unauthenticated attackers to execute arbitra...

CVE-2022-30011 is a critical SQL injection vulnerability in HMS 1.0's appointment.php endpoint that allows attackers to execute arbitrary SQL commands...

CVE-2022-30765 is a SQL injection vulnerability in Calibre-Web's user table functionality that allows attackers to execute arbitrary SQL commands. Thi...

ERP-Pro v3.7.5 contains a SQL injection vulnerability in the SysEveMenuAuthPointMapper.xml component that allows attackers to execute arbitrary SQL co...

Hospital Management System v1.0 contains a SQL injection vulnerability in the delid parameter at viewtreatmentrecord.php that allows attackers to exec...

CVE-2022-30413 is a critical SQL injection vulnerability in Covid-19 Travel Pass Management System v1.0 that allows attackers to execute arbitrary SQL...

Merchandise Online Store v1.0 contains a SQL injection vulnerability in the delete_inventory function that allows attackers to execute arbitrary SQL c...

Merchandise Online Store v1.0 contains a SQL injection vulnerability in the delete_featured function that allows attackers to execute arbitrary SQL co...