CWE-89 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (19622 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-31415	1 Online Fire Reporting System Project	1 Online Fire Reporting System	2024-11-21	6.5 Medium
Online Fire Reporting System v1.0 was discovered to contain a SQL injection vulnerability via the GET parameter in /report/list.php.
CVE-2022-31384	1 Phpgurukul	1 Directory Management System	2024-11-21	9.8 Critical
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the fullname parameter in add-directory.php.
CVE-2022-31383	1 Phpgurukul	1 Directory Management System	2024-11-21	9.8 Critical
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in view-directory.php.
CVE-2022-31382	1 Phpgurukul	1 Directory Management System	2024-11-21	9.8 Critical
Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter in search-dirctory.php.
CVE-2022-31361	1 Docebo	1 Docebo	2024-11-21	9.8 Critical
Docebo Community Edition v4.0.5 and below was discovered to contain a SQL injection vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
CVE-2022-31357	1 Online Ordering System Project	1 Online Ordering System	2024-11-21	9.8 Critical
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/inventory/index.php?view=edit&id=.
CVE-2022-31356	1 Online Ordering System Project	1 Online Ordering System	2024-11-21	9.8 Critical
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/store/index.php?view=edit&id=.
CVE-2022-31355	1 Online Ordering System Project	1 Online Ordering System	2024-11-21	9.8 Critical
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/index.php?q=category&search=.
CVE-2022-31340	1 Simple Inventory System Project	1 Simple Inventory System	2024-11-21	9.8 Critical
Simple Inventory System v1.0 is vulnerable to SQL Injection via /inventory/table_edit_ajax.php.
CVE-2022-31339	1 Simple Inventory System Project	1 Simple Inventory System	2024-11-21	7.2 High
Simple Inventory System v1.0 is vulnerable to SQL Injection via /inventory/login.php.
CVE-2022-31338	1 Online Ordering System Project	1 Online Ordering System	2024-11-21	9.8 Critical
Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/user/index.php?view=edit&id=.
CVE-2022-31337	1 Online Ordering System Project	1 Online Ordering System	2024-11-21	9.8 Critical
Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/category/index.php?view=edit&id=.
CVE-2022-31336	1 Online Ordering System Project	1 Online Ordering System	2024-11-21	9.8 Critical
Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/stockin/loaddata.php.
CVE-2022-31335	1 Online Ordering System Project	1 Online Ordering System	2024-11-21	9.8 Critical
Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/stockin/index.php?view=edit&id=.
CVE-2022-31329	1 Online Ordering System Project	1 Online Ordering System	2024-11-21	9.8 Critical
Online Ordering System By janobe 2.3.2 is vulnerable to SQL Injection via /ordering/admin/orders/loaddata.php.
CVE-2022-31328	1 Online Ordering System Project	1 Online Ordering System	2024-11-21	9.8 Critical
Online Ordering System By janobe 2.3.2 has SQL Injection via /ordering/admin/products/index.php?view=edit&id=.
CVE-2022-31327	1 Online Ordering System Project	1 Online Ordering System	2024-11-21	9.8 Critical
Online Ordering System By janobe 2.3.2 is vulneranle to SQL Injection via /ordering/index.php?q=products&id=.
CVE-2022-31325	1 Churchcrm	1 Churchcrm	2024-11-21	7.2 High
There is a SQL Injection vulnerability in ChurchCRM 4.4.5 via the 'PersonID' field in /churchcrm/WhyCameEditor.php.
CVE-2022-31296	1 Online Discussion Forum Project	1 Online Discussion Forum	2024-11-21	9.8 Critical
Online Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via the component /odfs/posts/view_post.php.
CVE-2022-30927	1 Simple Task Scheduling System Project	1 Simple Task Scheduling System	2024-11-21	9.8 Critical
A SQL injection vulnerability exists in Simple Task Scheduling System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable "id" parameter.

« first previous Page 806 of 982. next last »