Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8873

8873 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-11710 WP Job Portal <= 2.2.2 - Authenticated (Admin+) SQL Injection — WP Job Portal – AI-Powered Recruitment System for Company or Job Board website 4.9 Medium2024-12-14
CVE-2024-11714 WP Job Portal <= 2.2.2 - Authenticated (Admin+) SQL Injection via getFieldsForVisibleCombobox() — WP Job Portal – AI-Powered Recruitment System for Company or Job Board website 4.9 Medium2024-12-14
CVE-2024-11711 WP Job Portal <= 2.2.1 - Unauthenticated SQL Injection — WP Job Portal – AI-Powered Recruitment System for Company or Job Board website 7.5 High2024-12-14
CVE-2024-11713 WP Job Portal <= 2.2.2 - Authenticated (Admin+) SQL Injection via wpjobportal_deactivate() — WP Job Portal – AI-Powered Recruitment System for Company or Job Board website 4.9 Medium2024-12-14
CVE-2024-54304 WordPress Hive Support plugin <= 1.1.2 - SQL Injection vulnerability — Hive Support 8.5 High2024-12-13
CVE-2024-54292 WordPress Appsplate plugin <= 2.1.3 - SQL Injection vulnerability — Appsplate 9.3 Critical2024-12-13
CVE-2024-54261 WordPress TAX SERVICE Electronic HDM plugin <= 1.2.2 - SQL Injection vulnerability — TAX SERVICE Electronic HDM 10.0 Critical2024-12-13
CVE-2024-54258 WordPress Ni CRM Lead plugin <= 1.3.0 - SQL Injection vulnerability — Ni CRM Lead 8.5 High2024-12-13
CVE-2024-54234 WordPress Limit Login Attempts plugin <= 5.5 - SQL Injection vulnerability — Limit Login Attempts 9.3 Critical2024-12-13
CVE-2024-52057 Potential arbitrary SQL query execution in Queuing Service while parsing malicious remote commands or configuration files — Connext Professional 9.8 -2024-12-13
CVE-2024-11837 N1QL Injection — PlexTrac 9.8 -2024-12-13
CVE-2019-25221 Responsive Filterable Portfolio <=1.0.8 - Authenticated (Admin+) SQL Injection — Responsive Filterable Portfolio 6.5 Medium2024-12-13
CVE-2024-50584 SQL Injection — Scan2Net 8.8 -2024-12-12
CVE-2024-28145 Unauthenticated SQL Injection — Scan2Net 9.8 -2024-12-12
CVE-2024-12406 Library Management System <= 3.2.0 - Authenticated (Subscriber+) SQL Injection — Library Management System 6.5 Medium2024-12-12
CVE-2024-11430 SQL Chart Builder <= 2.3.6 - Authenticated (Contributor+) SQL Injection — SQL Chart Builder 6.5 Medium2024-12-12
CVE-2024-12497 1000 Projects Attendance Tracking Management System check_admin_login.php sql injection — Attendance Tracking Management System 7.3 High2024-12-11
CVE-2024-12492 code-projects Farmacia visualizar-usuario.php sql injection — Farmacia 6.3 Medium2024-12-11
CVE-2024-12490 code-projects Online Class and Exam Scheduling System teacher_save.php sql injection — Online Class and Exam Scheduling System 6.3 Medium2024-12-11
CVE-2024-12489 code-projects Online Class and Exam Scheduling System term.php sql injection — Online Class and Exam Scheduling System 6.3 Medium2024-12-11
CVE-2024-12488 code-projects Online Class and Exam Scheduling System subject_update.php sql injection — Online Class and Exam Scheduling System 6.3 Medium2024-12-11
CVE-2024-12487 code-projects Online Class and Exam Scheduling System room_update.php sql injection — Online Class and Exam Scheduling System 6.3 Medium2024-12-11
CVE-2024-12486 code-projects Online Class and Exam Scheduling System rank_update.php sql injection — Online Class and Exam Scheduling System 6.3 Medium2024-12-11
CVE-2024-12485 code-projects Online Class and Exam Scheduling System department.php sql injection — Online Class and Exam Scheduling System 6.3 Medium2024-12-11
CVE-2024-12484 Codezips Technical Discussion Forum signuppost.php sql injection — Technical Discussion Forum 7.3 High2024-12-11
CVE-2024-12481 cjbi wetech-cms UserDao.java findUser sql injection — wetech-cms 6.3 Medium2024-12-11
CVE-2024-12480 cjbi wetech-cms TopicDao.java searchTopic sql injection — wetech-cms 6.3 Medium2024-12-11
CVE-2024-12479 cjbi wetech-cms TopicDao.java searchTopicByKeyword sql injection — wetech-cms 6.3 Medium2024-12-11
CVE-2024-11773 Ivanti CSA 安全漏洞 — Cloud Services Application 9.1 Critical2024-12-10
CVE-2024-47977 Dell Avamar SQL注入漏洞 — Avamar 7.1 High2024-12-10

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8873 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.