Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8827

8827 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-7088 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection — Pharmacy Sales and Inventory System 7.3 High2026-04-27
CVE-2026-7087 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection — Pharmacy Sales and Inventory System 7.3 High2026-04-27
CVE-2026-7083 likeadmin-likeshop likeadmin_php dataTable Admin API DataTableLists.php queryResult sql injection — likeadmin_php 4.7 Medium2026-04-27
CVE-2026-7077 itsourcecode Courier Management System edit_parcel.php sql injection — Courier Management System 7.3 High2026-04-27
CVE-2026-7076 itsourcecode Courier Management System edit_branch.php sql injection — Courier Management System 7.3 High2026-04-27
CVE-2026-7075 itsourcecode Construction Management System locations.php sql injection — Construction Management System 7.3 High2026-04-27
CVE-2026-7074 itsourcecode Construction Management System execute1.php sql injection — Construction Management System 7.3 High2026-04-27
CVE-2026-7073 itsourcecode Construction Management System execute.php sql injection — Construction Management System 7.3 High2026-04-27
CVE-2026-7072 CodePanda Source canteen_management_system login.php sql injection — canteen_management_system 7.3 High2026-04-27
CVE-2026-7070 code-projects Inventory Management System Login sql injection — Inventory Management System 7.3 High2026-04-27
CVE-2026-7063 code-projects Employee Management System Endpoint eprocess.php sql injection — Employee Management System 7.3 High2026-04-26
CVE-2026-7060 liyupi yu-picture MyBatis-Plus PictureServiceImpl.java PageRequest sql injection — yu-picture 7.3 High2026-04-26
CVE-2026-7028 CodeAstro Online Job Portal All Jobs delete-jobs.php sql injection — Online Job Portal 4.7 Medium2026-04-26
CVE-2026-7023 ByteDance coze-studio databaseTool database_impl.go ExecuteSQL sql injection — coze-studio 6.3 Medium2026-04-26
CVE-2026-7002 KLiK SocialMediaWebsite Private Message get_message_ajax.php sql injection — SocialMediaWebsite 7.3 High2026-04-25
CVE-2026-6991 colinhacks Zod CUID Data Type regexes.ts sql injection — Zod 6.3 Medium2026-04-25
CVE-2026-6982 star7th ShowDoc API Page Sort Endpoint PageController.class.PHP sql injection — ShowDoc 6.3 Medium2026-04-25
CVE-2026-6978 JiZhiCMS addcache.html htmlspecialchars_decode sql injection — JiZhiCMS 4.7 Medium2026-04-25
CVE-2026-41478 Saltcorn: SQL Injection via Unparameterized Sync Endpoints (maxLoadedId) — saltcorn 10.0 Critical2026-04-24
CVE-2026-33078 Roxy-WI has SQL Injection in haproxy_section_save Endpoint via Unsanitized server_ip Parameter — roxy-wi 9.8AICriticalAI2026-04-24
CVE-2026-31952 Xibo CMS API has SQL Injection via DataSet Filter Parameter — xibo-cms 7.6 High2026-04-24
CVE-2026-41460 SocialEngine <= 7.8.0 SQL Injection via activity/index/get-memberall — SocialEngine 9.8 Critical2026-04-23
CVE-2026-6887 BorG Technology Corporation|Borg SPM 2007 - SQL Injection — Borg SPM 2007 9.8 Critical2026-04-23
CVE-2026-40529 KANATA CMS ALAYA SQL注入漏洞 — CMS ALAYA 6.5AIMediumAI2026-04-23
CVE-2026-41167 Jellystat has SQL Injection that leads to to Remote Code Execution — Jellystat 9.1 Critical2026-04-22
CVE-2026-6833 aEnrich|a+HRD - SQL Injection — a+HRD 6.5 Medium2026-04-22
CVE-2026-41457 OwnTone Server < 29.1 SQL Injection via query and filter Parameters — owntone-server 7.5AIHighAI2026-04-22
CVE-2026-40906 Electric: SQL Injection via ORDER BY Parameter in Shape API — electric 10.0 Critical2026-04-21
CVE-2026-41320 Frappe HR has possibility of SQL Injection due to improper field sanitization — hrms 6.5 Medium2026-04-21
CVE-2026-40887 @vendure/core has a SQL Injection vulnerability — vendure 9.1 Critical2026-04-21

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8827 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.