CWE-89

SQL Injection vulnerability in Hospital Management System due to lack of input validation in messearch.php.

A SQL injection vulnerability exits on the Simple Image Gallery System 1.0 application through “id” parameter on the album page.

SQL injection vulnerability in PHPGurukul Apartment Visitors Management System (AVMS) v. 1.0 allows attackers to execute arbitrary SQL statements and to gain RCE.

SQL Injection can occur in Simple Water Refilling Station Management System 1.0 via the water_refilling/classes/Login.php username parameter.

SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection.

messages_load.php in ClinicCases 7.3.3 suffers from a blind SQL injection vulnerability, which allows low-privileged attackers to execute arbitrary SQL commands through a vulnerable parameter.