
CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8832

8832 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-4841 | code-projects Online Food Ordering System Shopping Cart cart.php sql injection — Online Food Ordering System | 7.3 | High | 2026-03-26 |
| CVE-2026-4839 | SourceCodester Food Ordering System Parameter purchase.php sql injection — Food Ordering System | 7.3 | High | 2026-03-26 |
| CVE-2026-4838 | SourceCodester Malawi Online Market display.php sql injection — Malawi Online Market | 7.3 | High | 2026-03-26 |
| CVE-2026-4836 | code-projects Accounting System delete.php sql injection — Accounting System | 6.3 | Medium | 2026-03-26 |
| CVE-2026-4826 | SourceCodester Sales and Inventory System HTTP GET Parameter update_stock.php sql injection — Sales and Inventory System | 6.3 | Medium | 2026-03-25 |
| CVE-2026-33917 | OpenEMR has SQL Injection in CAMOS Form — openemr | 8.8 | High | 2026-03-25 |
| CVE-2026-33914 | OpenEMR has SQL Injection in PostCalendar Category Delete — openemr | 7.2 | High | 2026-03-25 |
| CVE-2026-33910 | OpenEMR has a SQL Injection Vulnerability in patient selection — openemr | 7.2 | High | 2026-03-25 |
| CVE-2026-33909 | OpenEMR Vulnerable to SQL Injection via Unsanitized Variables in MedEx Recall/Reminder Processing — openemr | 5.9 | Medium | 2026-03-25 |
| CVE-2026-4825 | SourceCodester Sales and Inventory System HTTP GET Parameter update_sales.php sql injection — Sales and Inventory System | 6.3 | Medium | 2026-03-25 |
| CVE-2026-29187 | OpenEMR Vulnerable to Authenticated Blind Boolean-Based SQL Injection in new_search_popup.php — openemr | 8.1 | High | 2026-03-25 |
| CVE-2026-33713 | n8n Vulnerable to SQL Injection in Data Table Node via orderByColumn Expression — n8n | 8.8 | - | 2026-03-25 |
| CVE-2026-32539 | WordPress PublishPress Revisions plugin <= 3.7.23 - SQL Injection vulnerability — PublishPress Revisions | 9.8 | - | 2026-03-25 |
| CVE-2026-32534 | WordPress JS Help Desk plugin <= 3.0.3 - SQL Injection vulnerability — JS Help Desk | 9.8 | - | 2026-03-25 |
| CVE-2026-32516 | WordPress Miraculous Core Plugin plugin < 2.1.2 - SQL Injection vulnerability — Miraculous Core Plugin | 9.8 | - | 2026-03-25 |
| CVE-2026-32499 | WordPress ChatBot plugin <= 7.7.9 - SQL Injection vulnerability — ChatBot | 9.8 | - | 2026-03-25 |
| CVE-2026-31920 | WordPress Product Rearrange for WooCommerce plugin <= 1.2.2 - SQL Injection vulnerability — Product Rearrange for WooCommerce | 9.8 | - | 2026-03-25 |
| CVE-2026-27039 | WordPress WZone plugin <= 14.0.31 - SQL Injection vulnerability — WZone | 8.5 | High | 2026-03-25 |
| CVE-2026-25377 | WordPress Addon Jobsearch Chat plugin <= 3.0 - SQL Injection vulnerability — Addon Jobsearch Chat | 9.3 | Critical | 2026-03-25 |
| CVE-2026-25371 | WordPress Lumise Product Designer plugin < 2.0.9 - SQL Injection vulnerability — Lumise Product Designer | 9.3 | Critical | 2026-03-25 |
| CVE-2026-25340 | WordPress Jobmonster theme < 4.8.4 - SQL Injection vulnerability — Jobmonster | 9.3 | Critical | 2026-03-25 |
| CVE-2026-25007 | WordPress ElementInvader Addons for Elementor plugin <= 1.4.2 - SQL Injection vulnerability — ElementInvader Addons for Elementor | 8.5 | High | 2026-03-25 |
| CVE-2026-24993 | WordPress Advanced WooCommerce Product Sales Reporting plugin <= 4.1.3 - SQL Injection vulnerability — Advanced WooCommerce Product Sales Reporting | 9.3 | Critical | 2026-03-25 |
| CVE-2026-24977 | WordPress Organici Library plugin <= 2.1.2 - SQL Injection vulnerability — Organici Library | 8.5 | High | 2026-03-25 |
| CVE-2026-22484 | WordPress Lisfinity Core plugin <= 1.5.0 - SQL Injection vulnerability — Lisfinity Core | 9.3 | Critical | 2026-03-25 |
| CVE-2024-58341 | OpenCart Core 4.0.2.3 SQL Injection via search Parameter — OpenCart Core | 8.2 | High | 2026-03-25 |
| CVE-2026-4815 | SQL Injection vulnerability in Support Board — Support Board | 8.8 | - | 2026-03-25 |
| CVE-2026-4784 | code-projects Simple Laundry System Parameter checkcheckout.php sql injection — Simple Laundry System | 7.3 | High | 2026-03-25 |
| CVE-2026-4783 | itsourcecode College Management System Parameter add-single-student-results.php sql injection — College Management System | 6.3 | Medium | 2026-03-25 |
| CVE-2026-4781 | SourceCodester Sales and Inventory System HTTP GET Parameter update_purchase.php sql injection — Sales and Inventory System | 6.3 | Medium | 2026-03-24 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8832 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.