CWE-564
8 CVEs classified under CWE-564. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-0959 | High | 8.8 | 2025-03-07 | The Eventer - WordPress Event & Booking Manager Plugin plugin for WordPress is vulnerable to SQL Injection via the reg_id parameter in all versions up to, and… |
CVE-2026-4594 | High | 7.3 | 2026-03-23 | A vulnerability has been found in erupts erupt up to 1.13.3. Affected by this issue is the function geneEruptHqlOrderBy of the file erupt-data/erupt-jpa/src/ma… |
CVE-2026-40871 | High | 7.2 | 2026-04-21 | mailcow: dockerized is an open source groupware/email suite based on docker. Versions prior to 2026-03b have a second-order SQL injection vulnerability in the… |
CVE-2026-4593 | Medium | 6.3 | 2026-03-23 | A flaw has been found in erupts erupt bis 1.13.3. Affected by this vulnerability is the function EruptDataQuery of the file erupt-ai/src/main/java/xyz/erupt/ai… |
CVE-2026-22242 | Medium | 4.9 | 2026-01-08 | CoreShop is a Pimcore enhanced eCommerce solution. Prior to version 4.1.8, a blind SQL injection vulnerability exists in the application that allows an authent… |
CVE-2026-23959 | | 2026-01-22 | CoreShop is a Pimcore enhanced eCommerce solution. An error-based SQL Injection vulnerability was identified in versions prior to 4.1.9 in the `CustomerTransfo… | |
CVE-2025-8052 | | 2025-10-20 | SQL Injection vulnerability in opentext Flipper allows SQL Injection. The vulnerability could allow a low privilege user to interact with the database in uni… | |
CVE-2024-48988 | | 2025-08-22 | SQL Injection vulnerability in Apache StreamPark. This issue affects Apache StreamPark: from 2.1.4 before 2.1.6. Users are recommended to upgrade to version… |