CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8873

8873 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-13596 | WordPress Survey & Poll – Quiz, Survey and Poll Plugin for WordPress <= 1.7.5 - Authenticated (Contributor+) SQL Injection — WordPress Survey & Poll – Quiz, Survey and Poll Plugin for WordPress | 6.5 | Medium | 2025-01-30 |
| CVE-2025-0861 | VR-Frases (collect & share quotes) <= 3.0.1 - Authenticated (Admin+) SQL Injection — VR-Frases | 4.9 | Medium | 2025-01-30 |
| CVE-2025-0847 | 1000 Projects Employee Task Management System Login index.php sql injection — Employee Task Management System | 7.3 | High | 2025-01-30 |
| CVE-2025-0846 | 1000 Projects Employee Task Management System AdminLogin.php sql injection — Employee Task Management System | 7.3 | High | 2025-01-30 |
| CVE-2025-0843 | needyamin Library Card System Admin Panel admindashboard.php sql injection — Library Card System | 7.3 | High | 2025-01-29 |
| CVE-2025-0842 | needyamin Library Card System Login admin.php sql injection — Library Card System | 7.3 | High | 2025-01-29 |
| CVE-2025-24793 | Snowflake Connector for Python has an SQL Injection in write_pandas — snowflake-connector-python | 7.0 | High | 2025-01-29 |
| CVE-2025-0803 | Codezips Gym Management System submit_plan_new.php sql injection — Gym Management System | 7.3 | High | 2025-01-29 |
| CVE-2025-0793 | ESAFENET CDG todoDetail.jsp sql injection — CDG | 6.3 | Medium | 2025-01-29 |
| CVE-2025-0792 | ESAFENET CDG sdTodoDetail.jsp sql injection — CDG | 6.3 | Medium | 2025-01-29 |
| CVE-2025-0791 | ESAFENET CDG sdDoneDetail.jsp sql injection — CDG | 6.3 | Medium | 2025-01-28 |
| CVE-2025-0789 | ESAFENET CDG doneDetail.jsp sql injection — CDG | 6.3 | Medium | 2025-01-28 |
| CVE-2025-0788 | ESAFENET CDG content_top.jsp sql injection — CDG | 6.3 | Medium | 2025-01-28 |
| CVE-2025-0786 | ESAFENET CDG appDetail.jsp sql injection — CDG | 6.3 | Medium | 2025-01-28 |
| CVE-2025-22217 | VMware Avi Load Balancer security vulnerability — VMware AVI Load Balancer | 8.6 | High | 2025-01-28 |
| CVE-2024-11956 | Pimcore customer-data-framework list sql injection — customer-data-framework | 4.7 | Medium | 2025-01-28 |
| CVE-2024-11135 | Eventer <= 3.9.8 - Unauthenticated SQL Injection via eventer_get_attendees — Eventer - WordPress Event & Booking Manager Plugin | 7.5 | High | 2025-01-28 |
| CVE-2023-50316 | IBM Sterling B2B Integrator information disclosure — Sterling B2B Integrator | 6.3 | Medium | 2025-01-28 |
| CVE-2025-24368 | Cacti has a SQL Injection vulnerability when using tree rules through Automation API — cacti | 9.8 | - | 2025-01-27 |
| CVE-2024-54145 | Cacti has a SQL Injection vulnerability when request automation devices — cacti | 6.3 | Medium | 2025-01-27 |
| CVE-2024-54146 | Cacti has a SQL Injection vulnerability when view host template — cacti | 7.6 | High | 2025-01-27 |
| CVE-2025-24667 | WordPress Small Package Quotes Plugin <= 5.2.17 - SQL Injection vulnerability — Small Package Quotes – Worldwide Express Edition | 9.3 | Critical | 2025-01-27 |
| CVE-2025-24665 | WordPress Small Package Quotes Plugin <= 2.4.8 - SQL Injection vulnerability — Small Package Quotes – Unishippers Edition | 9.3 | Critical | 2025-01-27 |
| CVE-2025-24664 | WordPress LTL Freight Quotes Plugin <= 5.0.20 - SQL Injection vulnerability — LTL Freight Quotes – Worldwide Express Edition | 9.3 | Critical | 2025-01-27 |
| CVE-2025-24612 | WordPress Shipping for Nova Poshta plugin <= 1.19.6 - SQL Injection vulnerability — Shipping for Nova Poshta | 9.3 | Critical | 2025-01-27 |
| CVE-2017-20196 | Itechscripts School Management Software notice-edit.php sql injection — School Management Software | 6.3 | Medium | 2025-01-26 |
| CVE-2024-10628 | Quiz Maker Business, Developer, and Agency <= (Multiple Versions) - Unauthenticated SQL Injection via id — Quiz Maker Business | 7.5 | High | 2025-01-26 |
| CVE-2024-35148 | IBM Maximo Application Suite SQL injection — Maximo Application Suite | 6.3 | Medium | 2025-01-25 |
| CVE-2025-24587 | WordPress Email Subscription Popup plugin <= 1.2.23 - SQL Injection vulnerability — Email Subscription Popup | 7.6 | High | 2025-01-24 |
| CVE-2025-24728 | WordPress Bug Library plugin <= 2.1.4 - SQL Injection vulnerability — Bug Library | 8.5 | High | 2025-01-24 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8873 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.