CWE-89
19,418 CVEs • Abstraction: Base • Likelihood of Exploit: High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
CVEs (19,418)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Phpgurukul 1Small Crm Apr 29, 2026 Sep 18, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was determined in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /create-ticket.php. Executing manipulation of the argument subject can lead to sql injection. The attack may be lau...Show more |
1Phpgurukul 1Online Course Registration Apr 29, 2026 Sep 18, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was found in PHPGurukul Online Course Registration 3.1. This affects an unknown function of the file /my-profile.php. Performing manipulation of the argument cgpa results in sql injection. The attack may...Show more |
A vulnerability has been found in SeaCMS up to 13.3. The impacted element is an unknown function of the file /admin_members.php?ac=editsave. Such manipulation of the argument ID leads to sql injection. The attack can be...Show more |
1Janobe 1Online Exam Form Submission Apr 29, 2026 Sep 18, 2025 2.1 LOW· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability has been found in SourceCodester Online Exam Form Submission 1.0. This affects an unknown part of the file /admin/delete_user.php. Such manipulation of the argument ID leads to sql injection. The attack c...Show more |
1Janobe 1Online Exam Form Submission Apr 29, 2026 Sep 18, 2025 2.1 LOW· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A flaw has been found in SourceCodester Online Exam Form Submission 1.0. Affected by this issue is some unknown functionality of the file /admin/update_s3.php. This manipulation of the argument credits causes sql injecti...Show more |
1Janobe 1Online Exam Form Submission Apr 29, 2026 Sep 17, 2025 2.1 LOW· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability was detected in SourceCodester Online Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /user/dashboard.php?page=update_profile. The manipulation of the argu...Show more |
1Phpgurukul 1User Management System Apr 29, 2026 Sep 17, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A security flaw has been discovered in PHPGurukul User Management System 1.0. This affects an unknown function of the file /login.php. Performing manipulation of the argument emailid results in sql injection. The attack...Show more |
1Fabian 1Hotel Reservation System Apr 29, 2026 Sep 17, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was identified in SourceCodester Hotel Reservation System 1.0. The impacted element is an unknown function of the file deleteuser.php. Such manipulation of the argument ID leads to sql injection. It is po...Show more |
1Fabian 1Hotel Reservation System Apr 29, 2026 Sep 17, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was determined in SourceCodester Hotel Reservation System 1.0. The affected element is an unknown function of the file editroomimage.php. This manipulation of the argument ID causes sql injection. It is p...Show more |
1Angeljudesuarez 1Online Clinic Management System Apr 29, 2026 Sep 17, 2025 2.1 LOW· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A flaw has been found in itsourcecode Online Clinic Management System 1.0. This vulnerability affects unknown code of the file /editp2.php. Executing manipulation of the argument id/firstname/lastname/type/age/address ca...Show more |
1Angeljudesuarez 1Online Clinic Management System Apr 29, 2026 Sep 17, 2025 2.1 LOW· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A security vulnerability has been detected in itsourcecode Online Clinic Management System 1.0. Affected by this issue is some unknown functionality of the file transact.php. Such manipulation of the argument firstname l...Show more |
1Razormist 1Online Polling System Apr 29, 2026 Sep 17, 2025 2.1 LOW· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A weakness has been identified in SourceCodester Online Polling System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/positions.php. This manipulation of the argument ID causes sql inj...Show more |
1Facebook Julykringcadayona 1Student Information System Apr 29, 2026 Sep 17, 2025 2.1 LOW· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability has been found in itsourcecode Student Information System 1.0. The affected element is an unknown function of the file /leveledit1.php. Such manipulation of the argument level_id leads to sql injection. T...Show more |
1Emiloi 1Online Discussion Forum Apr 29, 2026 Sep 17, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was identified in PHPGurukul Online Discussion Forum 1.0. This affects an unknown part of the file /admin/edit_member.php. The manipulation of the argument ID leads to sql injection. The attack may be ini...Show more |
1Emiloi 1Online Discussion Forum Apr 29, 2026 Sep 17, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was determined in PHPGurukul Online Discussion Forum 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_forum/search_result.php. Executing manipulation of the argument Sear...Show more |
1Janobe 1Online Exam Form Submission Apr 29, 2026 Sep 17, 2025 2.1 LOW· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability was found in SourceCodester Online Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/delete_s1.php. Performing manipulation of the argument ID results...Show more |
1Janobe 1Online Exam Form Submission Apr 29, 2026 Sep 17, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability has been found in SourceCodester Online Exam Form Submission 1.0. Affected is an unknown function of the file /admin/index.php. Such manipulation of the argument email leads to sql injection. It is possib...Show more |
1Itsourcecode 1Web Based Internet Laboratory Management System Apr 29, 2026 Sep 17, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management System 1.0. Impacted is the function User::AuthenticateUser of the file login.php. Performing manipulation of the argument user...Show more |
1Mayurik 1Pet Grooming Management Software Apr 29, 2026 Sep 17, 2025 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was identified in SourceCodester Pet Grooming Management Software 1.0. This issue affects some unknown processing of the file /admin/search_product.php. Such manipulation of the argument group_id leads to...Show more |
1Kidaze 1Courseselectionsystem Oct 8, 2025 Sep 17, 2025 6.9 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was determined in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. This vulnerability affects unknown code of the file /Profilers/PriProfile/COUNT2.php. This manipulation of th...Show more |