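CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8873

8873 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.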

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-12428 | WP Data Access – App, Table, Form and Chart Builder plugin <= 5.5.22 - Unauthenticated SQL Injection — WP Data Access – App Builder for Tables, Forms, Charts, Maps & Dashboards | 7.5 | High | 2024-12-25 |
| CVE-2024-12032 | Tourfic – Ultimate Hotel Booking, Travel Booking & Apartment Booking WordPress Plugin \| WooCommerce Booking <= 2.15.3 - Authenticated (Subscriber+) SQL Injection — Tourfic – Travel Booking, Hotel Booking & Car Rental WordPress Plugin | 6.5 | Medium | 2024-12-25 |
| CVE-2024-12746 | SQL Injection in the Amazon Redshift ODBC Driver affecting v2.1.5.0 — Amazon Redshift ODBC Driver | 8.0 | High | 2024-12-24 |
| CVE-2024-12745 | SQL Injection in the Amazon Redshift Python Connector affecting v2.1.4 — Amazon Redshift Python Connector | 8.0 | High | 2024-12-24 |
| CVE-2024-12744 | SQL Injection in the Amazon Redshift JDBC Driver affecting v2.1.0.31 — Amazon Redshift JDBC Driver | 8.0 | High | 2024-12-24 |
| CVE-2024-10856 | Booking Calendar WpDevArt <= 3.2.19 - Authenticated (Contributor+) SQL Injection — Booking calendar, Appointment Booking System | 6.5 | Medium | 2024-12-24 |
| CVE-2024-11726 | Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress <= 1.1.21 - Authenticated (Contributor+) SQL Injection — Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress | 6.5 | Medium | 2024-12-24 |
| CVE-2024-12031 | Advanced Floating Content <= 3.8.2 - Authenticated (Subscriber+) SQL Injection — Advanced Floating Content | 6.5 | Medium | 2024-12-24 |
| CVE-2018-25106 | webuidesigning NebulaX Theme Legacy.php nebula_send_to_hubspot sql injection — NebulaX Theme | 6.3 | Medium | 2024-12-23 |
| CVE-2024-45387 | Apache Traffic Control: SQL Injection in Traffic Ops endpoint PUT deliveryservice_request_comments — Apache Traffic Control | 9.9 | Critical | 2024-12-23 |
| CVE-2024-12899 | 1000 Projects Attendance Tracking Management System course_action.php sql injection — Attendance Tracking Management System | 7.3 | High | 2024-12-23 |
| CVE-2024-12898 | 1000 Projects Attendance Tracking Management System faculty_action.php sql injection — Attendance Tracking Management System | 6.3 | Medium | 2024-12-23 |
| CVE-2024-12895 | TreasureHuntGame TreasureHunt checkflag.php console_log sql injection — TreasureHunt | 6.3 | Medium | 2024-12-22 |
| CVE-2024-12894 | TreasureHuntGame TreasureHunt acesso.php sql injection — TreasureHunt | 6.3 | Medium | 2024-12-22 |
| CVE-2024-12891 | code-projects Online Exam Mastering System account.php sql injection — Online Exam Mastering System | 6.3 | Medium | 2024-12-22 |
| CVE-2024-12890 | code-projects Online Exam Mastering System update.php sql injection — Online Exam Mastering System | 6.3 | Medium | 2024-12-22 |
| CVE-2024-12884 | Codezips E-Commerce Website login.php sql injection — E-Commerce Website | 7.3 | High | 2024-12-21 |
| CVE-2024-11722 | Frontend Admin by DynamiApps <= 3.25.1 - Unauthenticated SQL Injection — Frontend Admin by DynamiApps | 5.9 | Medium | 2024-12-21 |
| CVE-2024-12635 | WP Docs <= 2.2.0 - Authenticated (Subscriber+) Time-Based SQL Injection via 'dir_id' — WP Docs | 6.5 | Medium | 2024-12-21 |
| CVE-2024-12832 | Arista NG Firewall ReportEntry SQL Injection Arbitrary File Read and Write Vulnerability — NG Firewall | 8.1 | - | 2024-12-20 |
| CVE-2024-12727 | Sophos Firewall security vulnerability — Sophos Firewall | 9.8 | Critical | 2024-12-19 |
| CVE-2024-12794 | Codezips E-Commerce Site editorder.php sql injection — E-Commerce Site | 6.3 | Medium | 2024-12-19 |
| CVE-2024-12792 | Codezips E-Commerce Site newadmin.php sql injection — E-Commerce Site | 7.3 | High | 2024-12-19 |
| CVE-2024-12791 | Codezips E-Commerce Site signin.php sql injection — E-Commerce Site | 7.3 | High | 2024-12-19 |
| CVE-2024-12788 | Codezips Technical Discussion Forum signinpost.php sql injection — Technical Discussion Forum | 7.3 | High | 2024-12-19 |
| CVE-2024-12787 | 1000 Projects Attendance Tracking Management System check_student_login.php sql injection — Attendance Tracking Management System | 7.3 | High | 2024-12-19 |
| CVE-2024-12785 | itsourcecode Vehicle Management System sendmail.php sql injection — Vehicle Management System | 6.3 | Medium | 2024-12-19 |
| CVE-2024-10244 | SQLi in ISDO Software's Web Software — Web Software | 9.8 | Critical | 2024-12-19 |
| CVE-2024-12784 | itsourcecode Vehicle Management System editbill.php sql injection — Vehicle Management System | 6.3 | Medium | 2024-12-19 |
| CVE-2024-56047 | WordPress WPLMS plugin < 1.9.9.5.3 - Subscriber+ SQL Injection vulnerability — WPLMS | 8.5 | High | 2024-12-18 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8873 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.