CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8875

8875 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-10416	code-projects Blood Bank Management System cancel.php sql injection — Blood Bank Management System	6.3	Medium	2024-10-27
CVE-2024-10415	code-projects Blood Bank Management System accept.php sql injection — Blood Bank Management System	6.3	Medium	2024-10-27
CVE-2024-10411	SourceCodester Online Hotel Reservation System controller.php doCheckout sql injection — Online Hotel Reservation System	6.3	Medium	2024-10-27
CVE-2024-10409	code-projects Blood Bank Management accept.php sql injection — Blood Bank Management	6.3	Medium	2024-10-27
CVE-2024-10408	code-projects Blood Bank Management abs.php sql injection — Blood Bank Management	6.3	Medium	2024-10-27
CVE-2024-10407	SourceCodester Petrol Pump Management Software edit_customer.php sql injection — Petrol Pump Management Software	6.3	Medium	2024-10-26
CVE-2024-10406	SourceCodester Petrol Pump Management Software edit_fuel.php sql injection — Petrol Pump Management Software	6.3	Medium	2024-10-26
CVE-2024-9475	Poll Maker – Versus Polls, Anonymous Polls, Image Polls <= 5.4.6 - Authenticated (Administrator+) SQL Injection via Order_by Parameter — Poll Maker – Versus Polls, Anonymous Polls, Image Polls	4.9	Medium	2024-10-26
CVE-2024-10380	SourceCodester Petrol Pump Management Software ajax_product.php sql injection — Petrol Pump Management Software	6.3	Medium	2024-10-25
CVE-2024-10378	ESAFENET CDG CDGRenewApplicationService.java actionViewCDGRenewFile sql injection — CDG	6.3	Medium	2024-10-25
CVE-2024-10377	ESAFENET CDG DecryptApplicationService.java actionPassDecryptApplication1 sql injection — CDG	6.3	Medium	2024-10-25
CVE-2024-10376	ESAFENET CDG AutoSignService.java actionPassOrNotAutoSign sql injection — CDG	6.3	Medium	2024-10-25
CVE-2024-47483	Dell Data Lakehouse SQL注入漏洞 — Data Lakehouse	2.9	Low	2024-10-25
CVE-2024-10341	League of Legends Shortcodes <= 1.0.1 - Authenticated (Contributor+) SQL Injection via Shortcode — League of Legends Shortcodes	6.5	Medium	2024-10-25
CVE-2024-10370	Codezips Sales Management System addcustind.php sql injection — Sales Management System	7.3	High	2024-10-25
CVE-2024-10369	Codezips Sales Management System addcustcom.php sql injection — Sales Management System	7.3	High	2024-10-25
CVE-2024-10368	Codezips Sales Management System addstock.php sql injection — Sales Management System	7.3	High	2024-10-25
CVE-2024-10355	SourceCodester Petrol Pump Management Software invoice.php sql injection — Petrol Pump Management Software	4.7	Medium	2024-10-25
CVE-2024-10354	SourceCodester Petrol Pump Management Software print.php sql injection — Petrol Pump Management Software	4.7	Medium	2024-10-25
CVE-2024-10350	code-projects Hospital Management System add-doctor.php sql injection — Hospital Management System	4.7	Medium	2024-10-24
CVE-2024-10349	SourceCodester Best House Rental Management System ajax.php delete_tenant sql injection — Best House Rental Management System	6.3	Medium	2024-10-24
CVE-2024-47881	OpenRefine's SQLite integration allows filesystem access, remote code execution (RCE) — OpenRefine	8.1	High	2024-10-24
CVE-2024-10338	SourceCodeHero Clothes Recommendation System home.php sql injection — Clothes Recommendation System	4.7	Medium	2024-10-24
CVE-2024-10337	SourceCodeHero Clothes Recommendation System home.php sql injection — Clothes Recommendation System	4.7	Medium	2024-10-24
CVE-2024-10336	SourceCodeHero Clothes Recommendation System Admin Login Page index.php sql injection — Clothes Recommendation System	7.3	High	2024-10-24
CVE-2024-10335	SourceCodester Garbage Collection Management System login.php sql injection — Garbage Collection Management System	7.3	High	2024-10-24
CVE-2024-49681	WordPress WP Sessions Time Monitoring Full Automatic plugin <= 1.0.9 - SQL Injection vulnerability — WP Sessions Time Monitoring Full Automatic	9.3	Critical	2024-10-24
CVE-2024-49691	WordPress Product Filter by WBW plugin <= 2.7.0 - SQL Injection vulnerability — Product Filter by WBW	7.6	High	2024-10-24
CVE-2024-5608	SQL Injection — ADAudit Plus	8.3	High	2024-10-24
CVE-2024-10331	PHPGurukul Vehicle Record System search-vehicle.php sql injection — Vehicle Record System	6.3	Medium	2024-10-24

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8875 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8875