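CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class (8827)

8827 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.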

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-5180 | SourceCodester Simple Doctors Appointment System ajax.php sql injection — Simple Doctors Appointment System | 7.3 | High | 2026-03-31 |
| CVE-2026-5179 | SourceCodester Simple Doctors Appointment System login.php sql injection — Simple Doctors Appointment System | 7.3 | High | 2026-03-31 |
| CVE-2026-32714 | SciTokens vulnerable to SQL Injection in KeyCache — scitokens | 9.8 | Critical | 2026-03-31 |
| CVE-2026-27697 | baserCMS: SQL injection vulnerability in blog post — basercms | 9.8 (AI) | Critical (AI) | 2026-03-31 |
| CVE-2026-5150 | code-projects Accounting System Parameter viewin_costumer.php sql injection — Accounting System | 7.3 | High | 2026-03-30 |
| CVE-2026-5148 | YunaiV yudao-cloud page sql injection — yudao-cloud | 4.7 | Medium | 2026-03-30 |
| CVE-2026-31799 | Tautulli: SQL Injection in get_home_stats API endpoint via unsanitised filter parameters — Tautulli | 4.9 | Medium | 2026-03-30 |
| CVE-2026-5147 | YunaiV yudao-cloud get-by-website sql injection — yudao-cloud | 7.3 | High | 2026-03-30 |
| CVE-2026-5035 | code-projects Accounting System Parameter view_work.php sql injection — Accounting System | 7.3 | High | 2026-03-29 |
| CVE-2026-5034 | code-projects Accounting System Parameter edit_costumer.php sql injection — Accounting System | 7.3 | High | 2026-03-29 |
| CVE-2026-5033 | code-projects Accounting System Parameter view_costumer.php sql injection — Accounting System | 7.3 | High | 2026-03-29 |
| CVE-2026-5019 | code-projects Simple Food Order System Parameter all-orders.php sql injection — Simple Food Order System | 7.3 | High | 2026-03-28 |
| CVE-2026-5018 | code-projects Simple Food Order System Parameter register-router.php sql injection — Simple Food Order System | 7.3 | High | 2026-03-28 |
| CVE-2026-5017 | code-projects Simple Food Order System Parameter all-tickets.php sql injection — Simple Food Order System | 7.3 | High | 2026-03-28 |
| CVE-2026-4996 | Sinaptik AI PandasAI pandasai-lancedb Extension lancedb.py get_relevant_docs_by_id sql injection — PandasAI | 7.3 | High | 2026-03-28 |
| CVE-2026-33991 | WeGIA has SQL Injection in deletar_tag.php — WeGIA | 8.8 | High | 2026-03-27 |
| CVE-2026-34386 | Fleet vulnerable to SQL injection in MDM bootstrap package by authenticated team or global admin — fleet | 6.5 | - | 2026-03-27 |
| CVE-2026-34385 | Fleet's Apple MDM profile delivery has second-order SQL injection that can compromise the database — fleet | 8.8 | - | 2026-03-27 |
| CVE-2026-4970 | code-projects Social Networking Site Endpoint delete_photos.php sql injection — Social Networking Site | 6.3 | Medium | 2026-03-27 |
| CVE-2026-34374 | AVideo has SQL Injection in Live_schedule::keyExists() via Unparameterized Stream Key — AVideo | 9.1 | Critical | 2026-03-27 |
| CVE-2026-4966 | itsourcecode Free Hotel Reservation System index.php sql injection — Free Hotel Reservation System | 6.3 | Medium | 2026-03-27 |
| CVE-2026-33770 | AVideo has SQL Injection in category.php fixCleanTitle() via Unparameterized clean_title and id Variables — AVideo | 9.8 | - | 2026-03-27 |
| CVE-2026-33767 | AVideo has SQL Injection via Partial Prepared Statement — videos_id Concatenated Directly into Query — AVideo | 9.8 | - | 2026-03-27 |
| CVE-2026-4956 | Shenzhen Ruiming Technology Streamax Crocus Parameter DevicePrint.do sql injection — Streamax Crocus | 7.3 | High | 2026-03-27 |
| CVE-2026-4955 | Shenzhen Ruiming Technology Streamax Crocus OperateStatistic.do sql injection — Streamax Crocus | 7.3 | High | 2026-03-27 |
| CVE-2026-4954 | mingSoft MCMS Web Content List Endpoint ContentAction.java list sql injection — MCMS | 6.3 | Medium | 2026-03-27 |
| CVE-2026-33755 | Authenticated SQL Injection in Contact/query addressBookIds filter — groupoffice | 8.8 | High | 2026-03-27 |
| CVE-2026-24031 | Open-Xchange OX Dovecot Pro security vulnerability — OX Dovecot Pro | 7.7 | High | 2026-03-27 |
| CVE-2026-4910 | Shenzhen Ruiming Technology Streamax Crocus Endpoint RemoteFormat.do sql injection — Streamax Crocus | 7.3 | High | 2026-03-27 |
| CVE-2026-4908 | code-projects Simple Laundry System Parameter modstaffinfo.php sql injection — Simple Laundry System | 7.3 | High | 2026-03-27 |

8827 CVEs are classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.