CWE-89

eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_user.php.

AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php.

Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via the register function in func2.php.

Simple Student Information System v1.0 was discovered to contain a SQL injection vulnerability via add/Student.

ACEweb Online Portal 3.5.065 was discovered to contain a SQL injection vulnerability via the criteria parameter in showschedule.awp.

A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the Administrator level.