CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8873

8873 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-11732	BP Profile Shortcodes Extra <= 2.6.0 - Authenticated (Contributor+) SQL Injection via tab Parameter — BP Profile Shortcodes Extra	6.5	Medium	2024-12-03
CVE-2024-46905	WhatsUp Gold GetOrderByClause SQL Injection Privilege Escalation Vulnerability — WhatsUp Gold	8.8	High	2024-12-02
CVE-2024-46906	WhatsUp Gold GetSqlWhereClause SQL Injection Privilege Escalation Vulnerability — WhatsUp Gold	8.8	High	2024-12-02
CVE-2024-46907	WhatsUp Gold GetFilterCriteria SQL Injection Privilege Escalation Vulnerability — WhatsUp Gold	8.8	High	2024-12-02
CVE-2024-46908	WhatsUp Gold GetFilterCriteria SQL Injection Privilege Escalation Vulnerability — WhatsUp Gold	8.8	High	2024-12-02
CVE-2024-53792	WordPress Watu Quiz plugin <= 3.4.1.2 - SQL Injection vulnerability — Watu Quiz	8.5	High	2024-12-02
CVE-2024-12015	SQL Injection in WordPress Project Manager Plugin — WP Project Manager	7.7	High	2024-12-02
CVE-2024-12007	code-projects Farmacia visualizar-produto.php sql injection — Farmacia	6.3	Medium	2024-12-01
CVE-2024-53783	WordPress Ni WooCommerce Cost Of Goods plugin <= 3.2.8 - SQL Injection vulnerability — Ni WooCommerce Cost Of Goods	7.6	High	2024-11-30
CVE-2024-11998	code-projects Farmacia visualizer-forneccedor.chp sql injection — Farmacia	6.3	Medium	2024-11-30
CVE-2024-11970	code-projects Concert Ticket Ordering System tour(cor).php sql injection — Concert Ticket Ordering System	7.3	High	2024-11-28
CVE-2024-11968	code-projects Farmacia pagamento.php sql injection — Farmacia	6.3	Medium	2024-11-28
CVE-2024-11967	PHPGurukul Complaint Management system reset-password.php sql injection — Complaint Management system	7.3	High	2024-11-28
CVE-2024-11966	PHPGurukul Complaint Management system index.php sql injection — Complaint Management system	7.3	High	2024-11-28
CVE-2024-11965	PHPGurukul Complaint Management system reset-password.php sql injection — Complaint Management system	7.3	High	2024-11-28
CVE-2024-11964	PHPGurukul Complaint Management system index.php sql injection — Complaint Management system	7.3	High	2024-11-28
CVE-2024-11963	code-projects Responsive Hotel Site room.php sql injection — Responsive Hotel Site	6.3	Medium	2024-11-28
CVE-2024-11962	code-projects Simple Car Rental System login.php sql injection — Simple Car Rental System	7.3	High	2024-11-28
CVE-2024-52474	WordPress Express Payments plugin <= 1.1.8 - SQL Injection vulnerability — Express Payments Module	9.3	Critical	2024-11-28
CVE-2024-52495	WordPress Distance Based Shipping Calculator plugin <= 2.0.23 - SQL Injection vulnerability — Distance Based Shipping Calculator	8.5	High	2024-11-28
CVE-2024-8308	Siempelkamp: SQL injection due to improper handling of HTTP request input data — UmweltOffice	6.5	Medium	2024-11-28
CVE-2024-42327	SQL injection in user.get API — Zabbix	9.9	Critical	2024-11-27
CVE-2024-11009	Internal Linking for SEO traffic & Ranking – Auto internal links (100% automatic) <= 1.2.1 - Authenticated (Administrator+) SQL Injection via post_id Parameter — Automatic Internal Links for SEO by Pagup	4.9	Medium	2024-11-27
CVE-2024-11025	SMA: SQL injection in Sunny Central UP — Sunny Central SC 1760-US	5.4	Medium	2024-11-27
CVE-2024-11819	1000 Projects Portfolio Management System MCA forgot_password_process.php sql injection — Portfolio Management System MCA	7.3	High	2024-11-26
CVE-2024-11818	PHPGurukul User Registration & Login and User Management System signup.php sql injection — User Registration & Login and User Management System	7.3	High	2024-11-26
CVE-2024-11817	PHPGurukul User Registration & Login and User Management System index.php sql injection — User Registration & Login and User Management System	7.3	High	2024-11-26
CVE-2024-11744	1000 Projects Portfolio Management System MCA register.php sql injection — Portfolio Management System MCA	7.3	High	2024-11-26
CVE-2024-10570	Security & Malware scan by CleanTalk <= 2.145 - Authorization Bypass via Reverse DNS Spoofing to Unauthenticated SQL Injection — Login Security, FireWall, Malware removal by CleanTalk	7.5	High	2024-11-26
CVE-2024-11663	Codezips E-Commerce Site search.php sql injection — E-Commerce Site	7.3	High	2024-11-25

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8873 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8873