Skip to main content

SQL Injection

web HIGH

SQL injection exploits the way applications construct database queries by mixing user input directly into SQL statements.

How It Works

SQL injection exploits the way applications construct database queries by mixing user input directly into SQL statements. When developers concatenate untrusted data into queries without proper sanitization, attackers can inject SQL syntax that changes the query's logic. For example, entering ' OR '1'='1 into a login form might transform SELECT * FROM users WHERE username='input' into a query that always returns true, bypassing authentication.

Attackers follow a methodical process: first probing input fields with special characters like quotes or semicolons to trigger database errors, then identifying whether the application is vulnerable. Once confirmed, they escalate by injecting commands to extract data (UNION-based attacks to merge results from other tables), manipulate records, or probe the database structure. Blind SQL injection variants work without visible error messages—boolean-based attacks infer data by observing application behavior changes, while time-based attacks use database sleep functions to confirm successful injection through response delays.

Advanced scenarios include second-order injection, where malicious input is stored in the database and later executed in a different context, and out-of-band attacks that exfiltrate data through DNS queries or HTTP requests when direct data retrieval isn't possible. Some database systems enable attackers to execute operating system commands through built-in functions like MySQL's LOAD_FILE or SQL Server's xp_cmdshell, escalating from database compromise to full server control.

Impact

  • Complete data breach — extraction of entire database contents including credentials, personal information, and proprietary data
  • Authentication bypass — logging in as any user without knowing passwords
  • Data manipulation — unauthorized modification or deletion of critical records
  • Privilege escalation — granting administrative rights to attacker-controlled accounts
  • Remote code execution — leveraging database features to run operating system commands and compromise the underlying server
  • Lateral movement — using compromised database credentials to access other connected systems

Real-World Examples

FreePBX's CVE-2025-66039 demonstrated a complete attack chain where SQL injection across 11 parameters in four different endpoints allowed attackers to write malicious entries into the cron_jobs table. When the system's scheduler executed these entries, the injected SQL transformed into operating system commands, granting full server control. The vulnerability required no authentication, making it immediately exploitable.

E-commerce platforms have suffered massive breaches through shopping cart SQL injection, where attackers inserted skimming code into stored procedures that executed during checkout, harvesting credit card data from thousands of transactions. Healthcare systems have been compromised through patient portal vulnerabilities, exposing millions of medical records when attackers injected UNION queries to merge data from supposedly isolated tables.

Mitigation

  • Parameterized queries (prepared statements) — separates SQL logic from data, making injection syntactically impossible
  • Object-Relational Mapping (ORM) frameworks — abstracts database interactions with built-in protections when used correctly
  • Strict input validation — whitelist acceptable characters and formats, reject suspicious patterns
  • Least privilege database accounts — applications should use credentials with minimal necessary permissions
  • Web Application Firewall (WAF) — detects and blocks common injection patterns as a secondary defense layer
  • Database activity monitoring — alerts on unusual query patterns or privilege escalation attempts

Recent CVEs (15171)

EPSS 0% CVSS 7.6
HIGH This Week

Blind SQL injection in Neoforum version 1.0 and earlier allows high-privileged attackers to execute arbitrary SQL commands over the network without user interaction, potentially compromising data confidentiality and integrity. The vulnerability stems from inadequate sanitization of user inputs in SQL queries, and no patch is currently available.

SQLi
NVD
EPSS 0% CVSS 8.5
HIGH This Week

Nelio Content versions 4.1.0 and earlier contain a blind SQL injection vulnerability that allows authenticated attackers to execute arbitrary database queries over the network. This vulnerability requires valid user credentials but no user interaction, enabling attackers to read, modify, or delete sensitive database contents. No patch is currently available to address this high-severity flaw.

SQLi
NVD
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Hibernate's InlineIdsOrClauseBuilder is vulnerable to second-order SQL injection when processing non-alphanumeric characters in ID columns, allowing authenticated attackers to read sensitive data, modify database contents, or cause denial of service. The vulnerability requires low privileges and network access with no user interaction, making it exploitable by remote attackers with valid credentials. No patch is currently available.

SQLi Denial Of Service Information Disclosure
NVD HeroDevs VulDB
EPSS 0% CVSS 8.5
HIGH This Week

Blind SQL injection in shinetheme Traveler versions before 3.2.8 enables authenticated attackers to extract sensitive database information through manipulated SQL queries. An attacker with valid credentials can exploit this vulnerability to read, modify, or delete arbitrary data with no user interaction required. No patch is currently available.

SQLi
NVD
EPSS 0% CVSS 7.6
HIGH This Week

FireStorm Plugins FireStorm Professional Real Estate fs-real-estate-plugin is affected by sql injection (CVSS 7.6).

SQLi
NVD
EPSS 0% CVSS 8.5
HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in themepassion Ultra Portfolio ultra-portfolio allows Blind SQL Injection.This issue affects Ultra Portfolio: from n/a through <= 6.7. [CVSS 8.8 HIGH]

SQLi
NVD
EPSS 0% CVSS 8.5
HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FooEvents FooEvents for WooCommerce fooevents allows SQL Injection.This issue affects FooEvents for WooCommerce: from n/a through <= 1.20.4. [CVSS 8.5 HIGH]

WordPress SQLi PHP
NVD
EPSS 0% CVSS 8.5
HIGH This Week

HappyMonster Happy Addons for Elementor happy-elementor-addons is affected by sql injection (CVSS 8.5).

SQLi
NVD
EPSS 0% CVSS 8.5
HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal AppExperts appexperts allows SQL Injection.This issue affects AppExperts: from n/a through <= 1.4.5. [CVSS 8.5 HIGH]

SQLi
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

Paid Downloads WordPress plugin has a SQL injection vulnerability enabling database compromise through the download management functionality.

SQLi
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

CleverReach WordPress plugin has a SQL injection vulnerability allowing attackers to extract email marketing data and WordPress credentials from the database.

SQLi
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Antideo Antideo Email Validator antideo-email-validator allows Blind SQL Injection.This issue affects Antideo Email Validator: from n/a through <= 1.0.10. [CVSS 7.5 HIGH]

SQLi
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

MailerLite WordPress plugin has a SQL injection vulnerability enabling attackers to extract sensitive data from the WordPress database.

WordPress SQLi
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

WP Learn SQL Injection allows unauthenticated attackers to execute arbitrary SQL queries against the WordPress database, exposing all stored data.

SQLi
NVD
EPSS 0% CVSS 8.5
HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kamleshyadav WP Lead Capturing Pages wp-lead-capture allows Blind SQL Injection.This issue affects WP Lead Capturing Pages: from n/a through <= 2.5. [CVSS 8.8 HIGH]

SQLi
NVD
EPSS 0% CVSS 8.5
HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ZoomIt DZS Video Gallery dzs-videogallery allows SQL Injection.This issue affects DZS Video Gallery: from n/a through <= 12.37. [CVSS 8.8 HIGH]

SQLi
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Dell Unisphere for PowerMax, version(s) 10.2.0.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. [CVSS 8.8 HIGH]

SQLi Unisphere For Powermax Virtual Appliance Unisphere For Powermax
NVD
EPSS 0% CVSS 8.0
HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aida Computer Information Technology Inc. Hotel Guest Hotspot allows SQL Injection.This issue affects Hotel Guest Hotspot: through 22012026. [CVSS 8.0 HIGH]

SQLi Hotel Guest Hotspot
NVD VulDB
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Improper input sanitization in CoreShop's CustomerTransformerController prior to version 4.1.9 allows authenticated administrators to inject SQL commands through the admin panel, enabling database error-based information disclosure. An attacker with high-privilege access can exploit this to extract sensitive data from the underlying database without modifying or deleting records. A patch is available in version 4.1.9 and later.

SQLi Coreshop
NVD GitHub
EPSS 0% CVSS 8.6
HIGH This Week

AES contains a SQL injection vulnerability due to an inactive configuration that prevents the latest SQL parsing logic from being applied. When this configuration is not enabled, crafted input may be improperly handled, allowing attackers to inject and execute arbitrary SQL queries. [CVSS 8.6 HIGH]

SQLi On Prem Enterprise Server
NVD
EPSS 0% CVSS 7.1
HIGH POC This Week

SEO Panel versions prior to 4.9.0 contain a blind SQL injection vulnerability in the archive.php page that allows authenticated attackers to manipulate database queries through the 'order_col' parameter. [CVSS 7.1 HIGH]

PHP SQLi
NVD GitHub Exploit-DB
EPSS 0% CVSS 8.2
HIGH POC This Week

Blitar Tourism 1.0 contains an authentication bypass vulnerability that allows attackers to bypass login by injecting SQL code through the username parameter. [CVSS 8.2 HIGH]

SQLi Authentication Bypass
NVD GitHub Exploit-DB
EPSS 0% CVSS 8.2
HIGH POC This Week

Digital Crime Report Management System 1.0 contains a critical SQL injection vulnerability affecting multiple login pages that allows unauthenticated attackers to bypass authentication. [CVSS 8.2 HIGH]

SQLi Authentication Bypass
NVD Exploit-DB
EPSS 0% CVSS 6.5
MEDIUM This Month

Abacre Retail Point of Sale 14.0.0.396 is vulnerable to content-based blind SQL injection. The vulnerability exists in the Search function of the Orders page. [CVSS 6.5 MEDIUM]

SQLi Retail Point Of Sale
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

SQL injection in Yonyou KSOA 9.0's /kmf/user_popedom.jsp endpoint allows unauthenticated remote attackers to manipulate the folderid parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification. The attack requires no user interaction and can result in unauthorized data access, modification, or system disruption.

SQLi Ksoa
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

SQL injection in Yonyou KSOA 9.0 via the folderid parameter in /kmf/select.jsp allows unauthenticated remote attackers to manipulate database queries and potentially extract or modify sensitive data. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification.

SQLi Ksoa
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

SQL injection in Yonyou KSOA 9.0 via the folderid parameter in /kmf/save_folder.jsp allows unauthenticated remote attackers to manipulate database queries and potentially access, modify, or delete sensitive data. Public exploit code is available for this vulnerability, increasing the risk of active exploitation. No patch is currently available from the vendor.

SQLi Ksoa
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in itsourcecode School Management System 1.0 via the ID parameter in /subject/index.php allows unauthenticated remote attackers to query, modify, or delete database contents. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires no user interaction and can be executed over the network against vulnerable instances.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

Wings for Pterodactyl versions 1.7.0 through 1.11.x fail to respect SQLite's maximum parameter limit when deleting activity log entries, allowing authenticated users to trigger a database error that prevents log cleanup and causes indefinite accumulation of records. This denial of service condition degrades panel performance and availability over time. Public exploit code exists for this vulnerability, and no patch is currently available.

SQLi Wings Suse
NVD GitHub
EPSS 0%
Monitor

Tandoor Recipes is a recipe manager than can be installed with the Nix package manager. Starting in version 23.05 and prior to version 26.05, when using the default configuration of Tandoor Recipes, specifically using SQLite and default `MEDIA_ROOT`, the full database file may be externally accessible, potentially on the Internet. The root cause is that the NixOS module configures the working directory of Tandoor Recipes, as well as the value of `MEDIA_ROOT`, to be `/var/lib/tandoor-recipes`....

Nginx PostgreSQL SQLi
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

PHPGurukul Directory Management System 1.0 contains a SQL injection vulnerability in the search functionality of /index.php that allows unauthenticated remote attackers to manipulate the searchdata parameter and execute arbitrary database queries. Public exploit code is available for this vulnerability, and no patch is currently available. The vulnerability impacts confidentiality, integrity, and availability with a CVSS score of 7.3.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Online Frozen Foods Ordering System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 7.3).

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL Act Now

Devolutions Server 2025.3.1 through 2025.3.6 contains a SQL injection vulnerability in the remote sessions component that allows attackers to manipulate database queries.

SQLi Devolutions Server
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

SQL injection in Yonyou KSOA 9.0 allows unauthenticated remote attackers to manipulate the folderid parameter in /kmf/folder.jsp HTTP requests, potentially leading to unauthorized data access or modification. Public exploit code exists for this vulnerability, and the vendor has not provided a patch or response despite early notification.

SQLi Ksoa
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

SQL injection in Yonyou KSOA 9.0 via the folderid parameter in /kmf/edit_folder.jsp allows unauthenticated remote attackers to execute arbitrary database queries. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early disclosure notification.

SQLi Ksoa
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

SQL injection in Yonyou KSOA 9.0's /kmc/save_catalog.jsp endpoint allows unauthenticated remote attackers to manipulate the catalogid parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires only network access with no user interaction, enabling potential data exfiltration and unauthorized database modification.

SQLi Ksoa
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

Unauthenticated SQL injection in Yonyou KSOA 9.0 via the ID parameter in the /worksheet/worksadd_plan.jsp endpoint allows remote attackers to execute arbitrary SQL queries and potentially access or modify sensitive data. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early notification. The attack requires no authentication or user interaction and can be exploited over the network.

SQLi Ksoa
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

SQL injection in Yonyou KSOA 9.0's /worksheet/worksadd.jsp endpoint allows unauthenticated remote attackers to manipulate the ID parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early notification. The attack requires no user interaction and could enable unauthorized data access, modification, or deletion.

SQLi Ksoa
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

SQL injection in Yonyou KSOA 9.0 allows unauthenticated remote attackers to manipulate the ID parameter in the /worksheet/work_report.jsp endpoint, potentially enabling unauthorized data access or modification. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification.

SQLi Ksoa
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

SQL injection in Yonyou KSOA 9.0's /worksheet/work_mod.jsp endpoint allows unauthenticated remote attackers to manipulate the ID parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and the vendor has not provided a patch or response to disclosure. The attack requires no user interaction and could enable unauthorized data access or modification.

SQLi Ksoa
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

Yonyou KSOA 9.0 contains a SQL injection vulnerability in the /worksheet/work_info.jsp endpoint via an unsanitized ID parameter, allowing unauthenticated remote attackers to execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification. The attack requires no user interaction and can result in unauthorized data access, modification, or denial of service.

SQLi Ksoa
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

SQL injection in Yonyou KSOA 9.0's /worksheet/del_workplan.jsp endpoint allows unauthenticated remote attackers to manipulate the ID parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification.

SQLi Ksoa
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

SQL injection in Yonyou KSOA 9.0 allows unauthenticated remote attackers to manipulate the ID parameter in the /worksheet/del_work.jsp endpoint, potentially enabling unauthorized data access, modification, or deletion. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early disclosure notification.

SQLi Ksoa
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Society Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 7.3).

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

SQL injection in itsourcecode Society Management System 1.0 allows authenticated attackers to manipulate the Title parameter in /admin/add_activity.php, enabling remote data exfiltration, modification, or denial of service. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in EasyCMS up to version 1.6 via the _order parameter in /UserAction.class.php allows unauthenticated remote attackers to manipulate database queries and potentially access or modify sensitive data. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early notification.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in FeMiner Warehouse Management System's /src/chkuser.php endpoint allows unauthenticated remote attackers to manipulate the Username parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and the vendor has not provided patches despite early notification. The flaw affects all versions up to commit 9cad1f1b179a98b9547fd003c23b07c7594775fa and enables attackers to potentially read, modify, or delete sensitive warehouse data.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

SQL injection in the REST authentication endpoint of risesoft-y9 Digital-Infrastructure up to version 9.6.7 allows unauthenticated remote attackers to manipulate input parameters and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and the vendor has not yet released a patch despite early notification. The attack requires no user interaction and can compromise data confidentiality, integrity, and availability.

Java SQLi
NVD GitHub VulDB
EPSS 0% CVSS 4.9
MEDIUM This Month

The Advanced Ads - Ad Manager & AdSense plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 2.0.15 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. [CVSS 4.9 MEDIUM]

WordPress SQLi PHP
NVD
EPSS 0% CVSS 7.2
HIGH POC PATCH This Week

SQL injection in WeGIA's Atendido_ocorrenciaControle endpoint allows authenticated attackers to manipulate the id_memorando parameter and extract entire databases, exposing sensitive personal information and potentially reading arbitrary files on misconfigured systems. Public exploit code exists for this vulnerability affecting WeGIA versions prior to 3.6.2. A patch is available in version 3.6.2 and should be deployed immediately to affected charitable institution management systems.

SQLi Wegia
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL POC Act Now

Grocery Crud 1.6.4 has a SQL injection vulnerability in the order_by parameter, allowing remote attackers to read, modify, or delete database contents through crafted sort requests.

SQLi Grocery Crud
NVD Exploit-DB
EPSS 0% CVSS 8.2
HIGH POC This Week

Vianeos OctoPUS 5 contains a time-based blind SQL injection vulnerability in the 'login_user' parameter during authentication requests. [CVSS 8.2 HIGH]

SQLi
NVD Exploit-DB
EPSS 0% CVSS 8.2
HIGH POC This Week

Odine Solutions GateKeeper 1.0 contains a SQL injection vulnerability in the trafficCycle API endpoint that allows remote attackers to inject malicious database queries. [CVSS 8.2 HIGH]

PostgreSQL SQLi
NVD Exploit-DB
EPSS 0% CVSS 8.8
HIGH POC This Week

A time-based blind SQL Injection vulnerability exists in PHPGurukul Cyber Cafe Management System v1.0 within the adminprofile.php endpoint. [CVSS 8.8 HIGH]

PHP SQLi Cyber Cafe Management System
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Phpgurukul Cyber Cafe Management System v1.0 has SQL injection in the username parameter of add-users.php. PoC available.

PHP SQLi Cyber Cafe Management System
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

GLPI is a free asset and IT management software package. From 11.0.0, < 11.0.3, an unauthenticated user can perform a SQL injection through the inventory endpoint. [CVSS 7.5 HIGH]

SQLi Glpi
NVD GitHub
EPSS 0% CVSS 8.2
HIGH POC This Week

Build Smart ERP 21.0817 contains an unauthenticated SQL injection vulnerability in the 'eidValue' parameter of the login validation endpoint. [CVSS 8.2 HIGH]

SQLi
NVD Exploit-DB
EPSS 0% CVSS 7.1
HIGH POC This Week

Kmaleon 1.1.0.205 contains an authenticated SQL injection vulnerability in the 'tipocomb' parameter of kmaleonW.php that allows attackers to manipulate database queries. [CVSS 7.1 HIGH]

PHP SQLi
NVD Exploit-DB
EPSS 0% CVSS 8.2
HIGH POC This Week

Aimeos 2021.10 LTS contains a SQL injection vulnerability in the json api 'sort' parameter that allows attackers to inject malicious database queries. Attackers can manipulate the sort parameter to reveal table and column names by sending crafted GET requests to the jsonapi/review endpoint. [CVSS 8.2 HIGH]

SQLi
NVD Exploit-DB
EPSS 0% CVSS 6.5
MEDIUM POC This Month

An SQL injection vulnerability in InvoicePlane through 1.6.3 has been identified in "maxQuantity" and "minQuantity" parameters when generating a report. An authenticated attacker can exploit this issue via error-based SQL injection, allowing for the extraction of arbitrary data from the database. [CVSS 6.5 MEDIUM]

SQLi Invoiceplane
NVD GitHub
EPSS 0% CVSS 4.9
MEDIUM This Month

An SQL injection vulnerability in Itflow through 25.06 has been identified in the "role_id" parameter when editing a profile. An attacker with admin account can exploit this issue via blind SQL injection, allowing for the extraction of arbitrary data from the database. [CVSS 4.9 MEDIUM]

SQLi Itflow
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

The Appointment Booking Calendar - Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to blind SQL Injection via the `order` and `append_where_sql` parameters in all versions up to, and including, 1.6.9.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. [CVSS 7.5 HIGH]

WordPress SQLi PHP
NVD
EPSS 0% CVSS 8.8
HIGH POC PATCH This Week

Blind SQL injection in Pimcore's Admin Search Find API allows authenticated attackers to extract database information through inferential techniques, bypassing the incomplete mitigation from a prior patch that only removed comment-based attacks. The vulnerability affects Pimcore versions prior to 12.3.1 and 11.5.14, with public exploit code available. Patched versions are available and should be deployed immediately.

SQLi Information Disclosure Pimcore
NVD GitHub
EPSS 0% CVSS 7.2
HIGH This Week

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. [CVSS 7.2 HIGH]

SQLi Edgeconnect Sd Wan Orchestrator
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. [CVSS 7.2 HIGH]

SQLi Edgeconnect Sd Wan Orchestrator
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. [CVSS 7.2 HIGH]

SQLi Edgeconnect Sd Wan Orchestrator
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The Shipping Rate By Cities plugin for WordPress is vulnerable to SQL Injection via the 'city' parameter in all versions up to, and including, 2.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. [CVSS 7.5 HIGH]

WordPress SQLi PHP
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

Flat Shipping Rate by City for WooCommerce (WordPress plugin) is affected by sql injection (CVSS 4.9).

WordPress SQLi
NVD
EPSS 0% CVSS 7.1
HIGH This Week

The DASHBOARD BUILDER - WordPress plugin for Charts and Graphs plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.7. This is due to missing nonce validation on the settings handler in dashboardbuilder-admin.php. [CVSS 7.1 HIGH]

WordPress PHP SQLi +1
NVD
EPSS 0% CVSS 8.2
HIGH POC This Week

WorkOrder CMS 0.1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login by manipulating username and password parameters. [CVSS 8.2 HIGH]

SQLi
NVD GitHub Exploit-DB
EPSS 0% CVSS 8.2
HIGH POC This Week

Social-Share-Buttons 2.2.3 contains a critical SQL injection vulnerability in the project_id parameter that allows attackers to manipulate database queries. [CVSS 8.2 HIGH]

SQLi
NVD GitHub Exploit-DB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Aero CMS 0.0.1 has SQL injection in the author parameter exploitable through boolean-based, error-based, time-based, and UNION query techniques. PoC available.

SQLi Aerocms
NVD GitHub Exploit-DB
EPSS 0% CVSS 6.5
MEDIUM POC This Month

VIAVIWEB Wallpaper Admin 1.0 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the img_id parameter. [CVSS 6.5 MEDIUM]

PHP SQLi Wallpaper Admin
NVD Exploit-DB
EPSS 0% CVSS 8.2
HIGH POC This Week

VIAVIWEB Wallpaper Admin 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating login credentials. Attackers can exploit the login page by injecting 'admin' or 1=1-- - payload to gain unauthorized access to the administrative interface. [CVSS 8.2 HIGH]

SQLi Authentication Bypass Wallpaper Admin
NVD Exploit-DB
EPSS 0% CVSS 8.2
HIGH POC This Week

Senayan Library Management System 9.0.0 contains a SQL injection vulnerability in the 'class' parameter that allows attackers to inject malicious SQL queries. [CVSS 8.2 HIGH]

SQLi
NVD GitHub Exploit-DB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

SQL injection in Microsoft SharePoint Server enables authenticated attackers to execute arbitrary code remotely through improper sanitization of database queries. This vulnerability affects authorized users with network access and could allow them to compromise affected systems with high-level privileges. No patch is currently available for this issue.

Microsoft SQLi Sharepoint Server
NVD
EPSS 0% CVSS 7.2
HIGH This Week

An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] vulnerability in Fortinet FortiClientEMS 7.4.3 through 7.4.4, FortiClientEMS 7.4.0 through 7.4.1, FortiClientEMS 7.2.0 through 7.2.10, FortiClientEMS 7.0 all versions may allow an authenticated attacker with at least read-only admin permission to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests. [CVSS 7.2 HIGH]

Fortinet SQLi Forticlientems
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

phpgurukul News Portal V4.1 has SQL injection in check_availablity.php. PoC available.

PHP SQLi News Portal
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Week

A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL injection vulnerability allows authenticated users to execute unintended SQL queries and commands. [CVSS 8.8 HIGH]

SQLi Flowmon Anomaly Detection System
NVD
EPSS 0% CVSS 9.4
CRITICAL POC Act Now

GYM-MANAGEMENT-SYSTEM 1.0 has multiple SQL injection vulnerabilities in search and payment endpoints (member_search, trainer_search, gym_search, payment_search). PoC available.

PHP SQLi Authentication Bypass +1
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

Gym Management System PHP 1.0 has multiple SQL injection vulnerabilities across three files (submit_contact.php, secure_login.php, change_s_pwd.php) through seven parameters. Authentication bypass and data extraction possible.

PHP SQLi Authentication Bypass
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL POC Act Now

Kashipara Online Exam System V1.0 has SQL injection in profile.php through five POST parameters (rname, rcollage, rnumber, rgender, rpassword). PoC available.

PHP SQLi Online Exam System
NVD GitHub
EPSS 0%
This Week

Imaster's MEMS Events CRM contains an SQL injection vulnerability in ‘phone’ parameter in ‘/memsdemo/login.php’.

PHP SQLi
NVD
EPSS 0%
This Week

Imaster's MEMS Events CRM contains an SQL injection vulnerability in‘keyword’ parameter in ‘/memsdemo/exchange_offers.php’.

PHP SQLi
NVD
EPSS 0%
This Week

Imaster's Patient Records Management System is vulnerable to SQL Injection in the endpoint ‘/projects/hospital/admin/complaints.php’ through the ‘id’ parameter.

PHP SQLi
NVD
EPSS 13% CVSS 10.0
CRITICAL POC THREAT Emergency

Critical SQL injection vulnerability in an internet-exposed service enabling unauthenticated extraction and manipulation of the entire database. CVSS 10.0 with scope change, EPSS 12.9% indicating high exploitation activity.

SQLi Iotsuite Starter Linux Docker Iot Edge Windows +3
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in Online Music Site 1.0's AdminUpdateUser.php allows unauthenticated remote attackers to manipulate the ID parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. Successful exploitation could enable unauthorized data access, modification, or deletion with confidentiality, integrity, and availability impact.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in code-projects Online Music Site 1.0 via the txtusername parameter in AdminAddUser.php enables unauthenticated remote attackers to manipulate database queries and potentially access or modify sensitive data. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. No patch is currently available.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 2.0
LOW POC Monitor

Intern Membership Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 4.7).

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW Monitor

SQL injection in jjjfood and jjjshop_food PHP applications through the latitude parameter in /index.php/api/product.category/index allows authenticated attackers to execute arbitrary database queries remotely. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite notification. Affected installations up to version 20260103 should implement immediate mitigation measures.

PHP SQLi
NVD VulDB
Prev Page 26 of 169 Next

Quick Facts

Typical Severity
HIGH
Category
web
Total CVEs
15171

Related CWEs

MITRE ATT&CK

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy