CWE-89 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (17605 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-35193	1 Testlink	1 Testlink	2024-11-21	7.2 High
TestLink v1.9.20 was discovered to contain a SQL injection vulnerability via /lib/execute/execNavigator.php.
CVE-2022-35175	1 Barangay Management System Project	1 Barangay Management System	2024-11-21	9.8 Critical
Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /blotter/blotter.php.
CVE-2022-35154	1 Shopro	1 Mall System	2024-11-21	9.8 Critical
Shopro Mall System v1.3.8 was discovered to contain a SQL injection vulnerability via the value parameter.
CVE-2022-35148	1 Maccms	1 Maccms	2024-11-21	6.5 Medium
maccms10 v2021.1000.1081 to v2022.1000.3031 was discovered to contain a SQL injection vulnerability via the table parameter at database/columns.html.
CVE-2022-35121	1 Xxyopen	1 Novel-plus	2024-11-21	9.8 Critical
Novel-Plus v3.6.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /service/impl/BookServiceImpl.java.
CVE-2022-35115	1 Icewarp	1 Webclient Dc2	2024-11-21	9.8 Critical
IceWarp WebClient DC2 - Update 2 Build 9 (13.0.2.9) was discovered to contain a SQL injection vulnerability via the search parameter at /webmail/server/webmail.php.
CVE-2022-34989	1 Fruits Bazar Project	1 Fruits Bazar	2024-11-21	9.8 Critical
Fruits Bazar v1.0 was discovered to contain a SQL injection vulnerability via the recover_email parameter at user_password_recover.php.
CVE-2022-34972	1 So Filter Shop By Project	1 So Filter Shop By	2024-11-21	9.8 Critical
So Filter Shop v3.x was discovered to contain multiple blind SQL injection vulnerabilities via the att_value_id , manu_value_id , opt_value_id , and subcate_value_id parameters at /index.php?route=extension/module/so_filter_shop_by/filter_data.
CVE-2022-34968	1 Percona	1 Percona Server	2024-11-21	7.5 High
An issue in the fetch_step function in Percona Server for MySQL v8.0.28-19 allows attackers to cause a Denial of Service (DoS) via a SQL query.
CVE-2022-34956	1 Pligg	1 Pligg Cms	2024-11-21	9.8 Critical
Pligg CMS v2.0.2 was discovered to contain a time-based SQL injection vulnerability via the page_size parameter at load_data_for_groups.php.
CVE-2022-34955	1 Pligg	1 Pligg Cms	2024-11-21	9.8 Critical
Pligg CMS v2.0.2 was discovered to contain a time-based SQL injection vulnerability via the page_size parameter at load_data_for_topusers.php.
CVE-2022-34954	1 Phptpoint	1 Pharmacy Management System	2024-11-21	9.8 Critical
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at invoiceprint.php.
CVE-2022-34953	1 Phptpoint	1 Pharmacy Management System	2024-11-21	9.8 Critical
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getOrderReport.php.
CVE-2022-34952	1 Phptpoint	1 Pharmacy Management System	2024-11-21	9.8 Critical
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at edituser.php.
CVE-2022-34951	1 Phptpoint	1 Pharmacy Management System	2024-11-21	9.8 Critical
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getsalereport.php.
CVE-2022-34950	1 Pharmacy Management System Project	1 Pharmacy Management System	2024-11-21	9.8 Critical
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editproduct.php.
CVE-2022-34949	1 Pharmacy Management System Project	1 Pharmacy Management System	2024-11-21	9.8 Critical
Pharmacy Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the email or password parameter at login.php.
CVE-2022-34948	1 Pharmacy Management System Project	1 Pharmacy Management System	2024-11-21	9.8 Critical
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editbrand.php.
CVE-2022-34947	1 Pharmacy Management System Project	1 Pharmacy Management System	2024-11-21	9.8 Critical
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editcategory.php.
CVE-2022-34946	1 Pharmacy Management System Project	1 Pharmacy Management System	2024-11-21	9.8 Critical
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getexpproduct.php.

« first previous Page 687 of 881. next last »