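CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8873

8873 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.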

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-1641 | Benner ModernaNet GetHorariosDoDia sql injection — ModernaNet | 7.3 | High | 2025-02-25 |
| CVE-2025-1640 | Benner ModernaNet JS_CarregaCombo sql injection — ModernaNet | 7.3 | High | 2025-02-25 |
| CVE-2025-26533 | SQL injection risk in course search module list filter — moodle | 8.1 | High | 2025-02-24 |
| CVE-2025-27133 | WeGIA has SQL Injection endpoint at 'dao/pet/adicionar_tipo_exame.php' parameter 'tipo_exame' — WeGIA | 6.5 | - | 2025-02-24 |
| CVE-2025-27312 | WordPress WP Sitemap plugin <= 1.0 - SQL Injection vulnerability — WP Sitemap | 8.5 | High | 2025-02-24 |
| CVE-2025-27297 | WordPress Bravo Search & Replace Plugin <= 1.0 - SQL Injection vulnerability — Bravo Search & Replace | 7.6 | High | 2025-02-24 |
| CVE-2024-12918 | SQLi in Agito Computer's Health4All — Health4All | 8.8 | High | 2025-02-24 |
| CVE-2024-12916 | SQLi in Agito Computer's Life4All — Life4All | 8.8 | High | 2025-02-24 |
| CVE-2025-24490 | SQL Injection in Mattermost Boards via board category ID reordering — Mattermost | 9.6 | Critical | 2025-02-24 |
| CVE-2025-1596 | SourceCodester Best Church Management Software fpassword.php sql injection — Best Church Management Software | 7.3 | High | 2025-02-23 |
| CVE-2025-1583 | PHPGurukul Online Nurse Hiring System search-report-details.php sql injection — Online Nurse Hiring System | 6.3 | Medium | 2025-02-23 |
| CVE-2025-1582 | PHPGurukul Online Nurse Hiring System all-request.php sql injection — Online Nurse Hiring System | 6.3 | Medium | 2025-02-23 |
| CVE-2025-1581 | PHPGurukul Online Nurse Hiring System book-nurse.php sql injection — Online Nurse Hiring System | 6.3 | Medium | 2025-02-23 |
| CVE-2025-1580 | PHPGurukul Nipah Virus Testing Management System search-report-result.php sql injection — Nipah Virus Testing Management System | 6.3 | Medium | 2025-02-23 |
| CVE-2025-1578 | PHPGurukul/Campcodes Online Shopping Portal search-result.php sql injection — Online Shopping Portal | 6.3 | Medium | 2025-02-23 |
| CVE-2025-1576 | code-projects Real Estate Property Management System ajax_state.php sql injection — Real Estate Property Management System | 6.3 | Medium | 2025-02-23 |
| CVE-2024-13474 | LTL Freight Quotes – Purolator Edition <= 2.2.3 - Unauthenticated SQL Injection — LTL Freight Quotes – Purolator Edition | 7.5 | High | 2025-02-22 |
| CVE-2025-1544 | dingfanzu CMS loadShopInfo.php sql injection — CMS | 6.3 | Medium | 2025-02-21 |
| CVE-2025-1537 | Harpia DiagSystem atualatendimento_jpeg.php sql injection — DiagSystem | 6.3 | Medium | 2025-02-21 |
| CVE-2025-1535 | Baiyi Cloud Asset Management System admin.ticket.close.php sql injection — Cloud Asset Management System | 7.3 | High | 2025-02-21 |
| CVE-2024-13846 | Indeed Ultimate Learning Pro <= 3.9 - Authenticated (Administrator+) SQL Injection via post_id Parameter — Indeed Ultimate Learning Pro | 4.9 | Medium | 2025-02-21 |
| CVE-2024-13713 | WPExperts Square For GiveWP <= 1.3.1 - Authenticated (Subscriber+) SQL Injection — WPExperts Square For GiveWP | 6.5 | Medium | 2025-02-21 |
| CVE-2024-12276 | Ultimate Member <= 2.9.2 - Authenticated SQL Injection — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | 5.3 | Medium | 2025-02-21 |
| CVE-2024-11260 | Events Manager – Calendar, Bookings, Tickets, and more! <= 6.6.3 - Unauthenticated SQL Injection via Event Status Parameter — Events Manager – Calendar, Bookings, Tickets, and more! | 7.5 | High | 2025-02-21 |
| CVE-2024-13235 | Pinpoint Booking System – #1 WordPress Booking Plugin <= 2.9.9.5.4 - Authenticated (Subscriber+) SQL Injection — Pinpoint Booking System – Version 2 | 6.5 | Medium | 2025-02-21 |
| CVE-2025-26794 | Exim security vulnerability — Exim | 7.5 | High | 2025-02-21 |
| CVE-2025-27096 | SQL Injection endpoint 'html/personalizacao_upload.php' parameter 'id_campo' in WeGIA — WeGIA | 6.5 | - | 2025-02-20 |
| CVE-2024-13476 | LTL Freight Quotes – GlobalTranz Edition <= 2.3.11 - Unauthenticated SQL Injection — LTL Freight Quotes – GlobalTranz Edition | 7.5 | High | 2025-02-20 |
| CVE-2025-0866 | Legoeso PDF Manager <= 1.2.2 - Authenticated (Author+) SQL Injection via checkedVals Parameter — Legoeso PDF Manager | 6.5 | Medium | 2025-02-20 |
| CVE-2025-1464 | Baiyi Cloud Asset Management System admin.house.collect.php sql injection — Cloud Asset Management System | 7.3 | High | 2025-02-19 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8873 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.