CWE-89

Ecommerce-project-with-php-and-mysqli-Fruits-Bazar 1.0 is vulnerable to SQL Injection in search_product.php via the keyword parameters.

Food-order-and-table-reservation-system- 1.0 is vulnerable to SQL Injection in categorywise-menu.php via the catid parameters.

Badminton Center Management System V1.0 is vulnerable to SQL Injection via parameter ‘id’ in /bcms/admin/court_rentals/update_status.php.

In oretnom23 Automotive Shop Management System v1.0, the product id parameter suffers from a blind SQL Injection Vulnerability allowing remote attackers to dump all database credential and gain admin access(privilege escalation).

SQL injection in Logon Page of IDCE MV’s application, version 1.0, allows an attacker to inject SQL payloads in the user field, connecting to a database to access enterprise’s private and sensitive information.

Jfinal cms 5.1.0 is vulnerable to SQL Injection.