CVEs classified under CWE-564, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2025-8052 — CVSS 8.8 (high): SQL Injection vulnerability in opentext Flipper allows SQL Injection. The vulnerability could allow a low privilege user to interact with…
CVE-2025-0959 — CVSS 8.8 (high): The Eventer - WordPress Event & Booking Manager Plugin plugin for WordPress is vulnerable to SQL Injection via the reg_id parameter in all…
CVE-2024-58352 — CVSS 7.5 (high): Landray OA contains an unauthenticated HQL injection vulnerability that allows unauthenticated attackers to query arbitrary Hibernate…
CVE-2025-67280 — CVSS 5.4 (medium): In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Hibernate Query Language injection vulnerabilities exist which allow a low privileged…
CVE-2026-23959 — CVSS 4.9 (medium): CoreShop is a Pimcore enhanced eCommerce solution. An error-based SQL Injection vulnerability was identified in versions prior to 4.1.9 in…