CWE-89: SQL Injection

This SQL injection vulnerability in Cavok software allows attackers to execute arbitrary SQL commands by injecting malicious input. It affects systems...

This SQL injection vulnerability in MediaWiki's Cargo extension allows attackers to execute arbitrary SQL commands on the database. It affects MediaWi...

Delta Electronics DIAEnergie has an SQL injection vulnerability in the AM_RegReport.aspx script that allows unauthenticated attackers to extract datab...

A SQL injection vulnerability in Cloudlog 2.6.15 allows attackers to execute arbitrary SQL commands via the station_id parameter in the get_station_in...

This SQL injection vulnerability in Oceanic Software ValeApp allows attackers to execute arbitrary SQL commands through the application. It affects al...

This SQL injection vulnerability in The Events Calendar WordPress plugin allows unauthenticated attackers to execute arbitrary SQL queries through the...

This SQL injection vulnerability in Riello Netman 204 allows attackers to execute arbitrary SQL commands on the SQLite measurement database. It affect...

Best House Rental Management System 1.0 contains a SQL injection vulnerability in the delete_category() function that allows attackers to execute arbi...

A SQL injection vulnerability in ToDesk v1.1 allows remote attackers to execute arbitrary SQL commands via the /todesk.com/news.html parameter. This c...

This SQL injection vulnerability in SFS Consulting InsureE GL allows attackers to execute arbitrary SQL commands through the application. All organiza...

This SQL injection vulnerability in Best Free Law Office Management Software v1.0 allows attackers to execute arbitrary SQL commands through the regis...

This SQL injection vulnerability in evilnapsis Inventio Lite allows attackers to execute arbitrary SQL commands through the username parameter during ...

An unauthenticated SQL injection vulnerability exists in SO Planning tool when public view is enabled, allowing attackers to execute arbitrary SQL com...

An unauthenticated attacker can exploit a time-based SQL injection vulnerability in VICIdial to enumerate database records, including plaintext creden...

This SQL injection vulnerability in the TrueBooker WordPress plugin allows unauthenticated attackers to execute arbitrary SQL commands via AJAX reques...

This vulnerability allows unauthenticated attackers to execute arbitrary SQL commands on WordPress sites using the Opti Marketing plugin. Attackers ca...

This vulnerability allows unauthenticated attackers to execute arbitrary SQL commands on FlyCASS CASS and KCM systems. Attackers can potentially read,...

This is a critical SQL injection vulnerability in a job portal application's admin interface. Attackers can exploit it by sending malicious SQL querie...

This SQL injection vulnerability in a job portal's admin interface allows attackers to execute arbitrary SQL queries through the user_id parameter. At...

This SQL injection vulnerability in Job Portal software allows attackers to execute arbitrary SQL queries through the id parameter in the admin catego...

This SQL injection vulnerability in Semtek Sempos allows attackers to execute arbitrary SQL commands through blind injection techniques. It affects al...

This SQL injection vulnerability in Semtek Sempos software allows attackers to execute arbitrary SQL commands on the database. All users running Semte...

The Viral Signup WordPress plugin through version 2.1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrar...

SeaCMS v12.9 contains a SQL injection vulnerability in the id parameter at /dmplayer/dmku/index.php?ac=del. This allows attackers to execute arbitrary...

This vulnerability allows attackers to bypass authentication in ASIS (Aplikasi Sistem Sekolah) by exploiting SQL injection in the username parameter o...

This SQL injection vulnerability in NAC Telecommunication Systems' NACPremium software allows attackers to execute arbitrary SQL commands without auth...

This SQL injection vulnerability in Easytest Online Test Platform allows remote attackers to execute arbitrary SQL commands via the uid parameter in t...

An unauthenticated SQL injection vulnerability in WhatsUp Gold allows attackers to retrieve encrypted user passwords. This affects all WhatsUp Gold ve...

Organizr v1.90 contains a SQL injection vulnerability in the chat/setlike.php endpoint that allows attackers to execute arbitrary SQL commands. This a...

Organizr v1.90 contains a SQL injection vulnerability in chat/settyping.php that allows attackers to execute arbitrary SQL commands. This affects all ...

This SQL injection vulnerability in SportsNET version 4.0.1 allows attackers to execute arbitrary SQL queries through the 'url' parameter in the gener...

SQL injection vulnerabilities in SportsNET version 4.0.1 allow attackers to execute arbitrary SQL queries through the checkBlindFields endpoint. This ...

SQL injection vulnerability in SportsNET version 4.0.1 allows attackers to execute arbitrary SQL queries through the 'categoria' parameter. This could...

SQL injection vulnerabilities in SportsNET version 4.0.1 allow attackers to execute arbitrary SQL queries through the sort_bloques parameter. This cou...

This SQL injection vulnerability in SportsNET version 4.0.1 allows attackers to execute arbitrary SQL queries through the sendParticipationRemember en...

The Media Library Folders WordPress plugin has a second-order SQL injection vulnerability that allows authenticated attackers with subscriber-level ac...

This SQL injection vulnerability in Brain Low-Code allows attackers to execute arbitrary SQL commands through the Hibernate framework. It affects all ...

A critical SQL injection vulnerability in ATISolutions CIGES allows remote attackers to execute arbitrary SQL queries through the idCentro parameter i...

A SQL injection vulnerability in Centreon Web's updateServiceHost function allows attackers to execute arbitrary SQL commands. This affects all Centre...

A SQL injection vulnerability in Kashipara Music Management System v1.0 allows remote attackers to bypass authentication and execute arbitrary SQL com...

Kashipara Music Management System v1.0 contains a SQL injection vulnerability in the manage_playlist_items.php endpoint via the 'pid' parameter. Attac...

This SQL injection vulnerability in Keyfactor Command allows attackers to execute arbitrary SQL commands on the database. Successful exploitation coul...

This CVE describes a SQL injection vulnerability in the School Management System via the 'medium' parameter in dtmarks.php. Attackers can execute arbi...

This SQL injection vulnerability in the School Management System allows attackers to execute arbitrary SQL commands through the 'medium' parameter in ...

This SQL injection vulnerability in Pharmacy Management System allows attackers to execute arbitrary SQL commands through the invoice_number parameter...

This CVE describes a critical SQL injection vulnerability in an ERP system's contact deletion function. Attackers can execute arbitrary SQL commands b...

This SQL injection vulnerability in the School Management System allows attackers to execute arbitrary SQL commands through the 'sid' parameter in sea...

This SQL injection vulnerability in the School Management System allows attackers to execute arbitrary SQL commands via the 'medium' parameter in paid...

This SQL injection vulnerability in School Management System allows attackers to execute arbitrary SQL commands via the 'medium' parameter in insertat...

This SQL injection vulnerability in Hotel Management System allows attackers to execute arbitrary SQL commands through the room_type parameter. It aff...