CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8832

8832 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2026-4954 | mingSoft MCMS Web Content List Endpoint ContentAction.java list sql injection — MCMS | 6.3 | Medium | 2026-03-27 |
| CVE-2026-33755 | Authenticated SQL Injection in Contact/query addressBookIds filter — groupoffice | 8.8 | High | 2026-03-27 |
| CVE-2026-24031 | Open-Xchange OX Dovecot Pro security vulnerability — OX Dovecot Pro | 7.7 | High | 2026-03-27 |
| CVE-2026-4910 | Shenzhen Ruiming Technology Streamax Crocus Endpoint RemoteFormat.do sql injection — Streamax Crocus | 7.3 | High | 2026-03-27 |
| CVE-2026-4908 | code-projects Simple Laundry System Parameter modstaffinfo.php sql injection — Simple Laundry System | 7.3 | High | 2026-03-27 |
| CVE-2026-33545 | MobSF has SQL Injection in its SQLite Database Viewer Utils — Mobile-Security-Framework-MobSF | 5.3 | Medium | 2026-03-26 |
| CVE-2026-33531 | InvenTree has Path Traversal In Report Templates — InvenTree | 4.9 | - | 2026-03-26 |
| CVE-2026-33153 | Tandoor Recipes's Unauthenticated Debug Parameter Leaks Full Raw SQL Queries Including Schema, Table Names, and Access Control Logic — recipes | 6.5 | - | 2026-03-26 |
| CVE-2026-33505 | Ory Keto has a SQL injection via forged pagination tokens — keto | 7.2 | High | 2026-03-26 |
| CVE-2026-33504 | Ory Hydra has a SQL injection via forged pagination tokens — hydra | 7.2 | High | 2026-03-26 |
| CVE-2026-33503 | Ory Kratos has a SQL injection via forged pagination tokens — kratos | 7.2 | High | 2026-03-26 |
| CVE-2026-33468 | Kysely has a MySQL SQL Injection via Insufficient Backslash Escaping in `sql.lit(string)` usage or similar methods that append string literal values into the compiled SQL strings — kysely | 8.1 | High | 2026-03-26 |
| CVE-2026-33442 | Kysely has a MySQL SQL Injection via Backslash Escape Bypass in non-type-safe usage of JSON path keys. — kysely | 8.1 | High | 2026-03-26 |
| CVE-2026-2511 | JS Help Desk – AI-Powered Support & Ticketing System <= 3.0.4 - Unauthenticated SQL Injection via 'multiformid' Parameter — JS Help Desk – AI-Powered Support & Ticketing System | 7.5 | High | 2026-03-26 |
| CVE-2026-4876 | itsourcecode Free Hotel Reservation System index.php sql injection — Free Hotel Reservation System | 6.3 | Medium | 2026-03-26 |
| CVE-2018-25209 | OpenBiz Cubi Lite 3.0.8 SQL Injection via username Parameter — OpenBiz Cubi Lite | 8.2 | High | 2026-03-26 |
| CVE-2018-25208 | qdPM 9.1 SQL Injection via filter_by Parameters — qdPM | 8.2 | High | 2026-03-26 |
| CVE-2018-25207 | Online Quiz Maker 1.0 SQL Injection via catid Parameter — Online Quiz Maker | 7.1 | High | 2026-03-26 |
| CVE-2018-25206 | KomSeo Cart 1.3 SQL Injection via edit.php — KomSeo Cart | 8.2 | High | 2026-03-26 |
| CVE-2018-25205 | ASP.NET jVideo Kit 1.0 SQL Injection via query Parameter — ASP.NET jVideo Kit | 8.2 | High | 2026-03-26 |
| CVE-2018-25204 | Library CMS 1.0 SQL Injection via admin login — Library CMS | 8.2 | High | 2026-03-26 |
| CVE-2018-25203 | Online Store System CMS 1.0 SQL Injection via clientaccess — Online Store System CMS | 8.2 | High | 2026-03-26 |
| CVE-2018-25201 | School Management System CMS 1.0 Admin Login SQL Injection — School Management System CMS | 7.1 | High | 2026-03-26 |
| CVE-2018-25202 | SAT CFDI 3.3 SQL Injection via signIn endpoint — SAT CFDI | 8.2 | High | 2026-03-26 |
| CVE-2018-25195 | Wecodex Hotel CMS 1.0 SQL Injection via Admin Login — Wecodex Hotel CMS | 8.2 | High | 2026-03-26 |
| CVE-2018-25183 | Shipping System CMS 1.0 SQL Injection via admin login — Shipping System CMS | 8.2 | High | 2026-03-26 |
| CVE-2018-25185 | Wecodex Restaurant CMS 1.0 SQL Injection via Login — Wecodex Restaurant CMS | 8.2 | High | 2026-03-26 |
| CVE-2026-4850 | code-projects Simple Laundry System Parameter checkregisitem.php sql injection — Simple Laundry System | 7.3 | High | 2026-03-26 |
| CVE-2026-4844 | code-projects Online Food Ordering System Admin Login admin.php sql injection — Online Food Ordering System | 7.3 | High | 2026-03-26 |
| CVE-2026-4842 | itsourcecode Online Enrollment System Parameter index.php sql injection — Online Enrollment System | 7.3 | High | 2026-03-26 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8832 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.