Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8873

8873 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-8055 Local File Read (LFI) by Prompt Injection via SnowFlake SQL in vanna-ai/vanna — vanna-ai/vanna 9.1 -2025-03-20
CVE-2024-12911 SQL Injection in run-llama/llama_index — run-llama/llama_index 9.1 -2025-03-20
CVE-2024-10835 Arbitrary File Write via SQL Injection in eosphoros-ai/db-gpt — eosphoros-ai/db-gpt 9.8 -2025-03-20
CVE-2024-12909 SQL Injection to RCE in run-llama/llama_index — run-llama/llama_index 9.8 -2025-03-20
CVE-2024-8251 Prisma Injection in mintplex-labs/anything-llm — mintplex-labs/anything-llm 7.5 -2025-03-20
CVE-2024-12016 SQLi in CM Informatics' CM News — CM News 9.8 Critical2025-03-20
CVE-2025-26852 DESCOR INFOCAD 安全漏洞 — Infocad FM 10.0 Critical2025-03-20
CVE-2025-2511 AHAthat Plugin <= 1.6 - Authenticated (Administrator+) SQL Injection via id Parameter — AHAthat Plugin 4.9 Medium2025-03-19
CVE-2025-27018 Apache Airflow MySQL Provider: SQL injection in MySQL provider core function — Apache Airflow MySQL Provider 8.8 -2025-03-19
CVE-2024-50631 Synology Drive Server SQL注入漏洞 — Synology Drive Server 7.5 High2025-03-19
CVE-2025-24799 GLPI allows unauthenticated SQL injection through the inventory endpoint — glpi 7.5 High2025-03-18
CVE-2025-21619 GLPI allows SQL injection through the rules configuration — glpi 7.2 -2025-03-18
CVE-2024-8997 SQLi in Vestel's EVC04 Configuration Interface — EVC04 Configuration Interface 9.8 Critical2025-03-18
CVE-2025-2473 PHPGurukul Company Visitor Management System Sign In index.php sql injection — Company Visitor Management System 7.3 High2025-03-18
CVE-2025-2472 PHPGurukul Apartment Visitors Management System Sign In index.php sql injection — Apartment Visitors Management System 7.3 High2025-03-17
CVE-2025-2471 PHPGurukul Boat Booking System boat-details.php sql injection — Boat Booking System 6.3 Medium2025-03-17
CVE-2025-2419 code-projects Real Estate Property Management System InsertFeedback.php sql injection — Real Estate Property Management System 6.3 Medium2025-03-17
CVE-2025-2393 code-projects Online Class and Exam Scheduling System salut_del.php sql injection — Online Class and Exam Scheduling System 4.7 Medium2025-03-17
CVE-2025-2392 code-projects Online Class and Exam Scheduling System activate.php sql injection — Online Class and Exam Scheduling System 4.7 Medium2025-03-17
CVE-2025-2391 code-projects Blood Bank Management System Admin Login Page admin_login.php sql injection — Blood Bank Management System 7.3 High2025-03-17
CVE-2025-2390 code-projects Blood Bank Management System add_donor.php sql injection — Blood Bank Management System 6.3 Medium2025-03-17
CVE-2025-2389 code-projects Blood Bank Management System add_city.php sql injection — Blood Bank Management System 4.7 Medium2025-03-17
CVE-2025-2387 SourceCodester Online Food Ordering System ajax.php sql injection — Online Food Ordering System 7.3 High2025-03-17
CVE-2025-2386 PHPGurukul Local Services Search Engine Management System serviceman-search.php sql injection — Local Services Search Engine Management System 7.3 High2025-03-17
CVE-2025-2385 code-projects Modern Bag login.php sql injection — Modern Bag 7.3 High2025-03-17
CVE-2025-2384 code-projects Real Estate Property Management System Parameter InsertCustomer.php sql injection — Real Estate Property Management System 6.3 Medium2025-03-17
CVE-2025-2383 PHPGurukul Doctor Appointment Management System search.php sql injection — Doctor Appointment Management System 7.3 High2025-03-17
CVE-2025-2382 PHPGurukul Online Banquet Booking System booking-search.php sql injection — Online Banquet Booking System 7.3 High2025-03-17
CVE-2025-2381 PHPGurukul Curfew e-Pass Management System search-pass.php sql injection — Curfew e-Pass Management System 7.3 High2025-03-17
CVE-2025-2380 PHPGurukul Apartment Visitors Management System admin-profile.php sql injection — Apartment Visitors Management System 7.3 High2025-03-17

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8873 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.