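CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8876

8876 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.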

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-45249 | Cavok – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') — Cavok | 9.8 | Critical | 2024-10-06 |
| CVE-2024-9536 | ESAFENET CDG MultiServerBackService sql injection — CDG | 6.3 | Medium | 2024-10-05 |
| CVE-2024-47849 | Backticks can allow the usage of not-allowed SQL functions — Mediawiki - Cargo | 9.8 | - | 2024-10-05 |
| CVE-2024-7801 | SQL injection in get_chart_data in TimeProvider 4100 — TimeProvider 4100 | 9.8 | - | 2024-10-04 |
| CVE-2024-42417 | Delta Electronics DIAEnergie SQL Injection — DIAEnergie | 8.8 | High | 2024-10-03 |
| CVE-2024-43699 | Delta Electronics DIAEnergie SQL Injection — DIAEnergie | 9.8 | Critical | 2024-10-03 |
| CVE-2024-9460 | Codezips Online Shopping Portal index.php sql injection — Online Shopping Portal | 7.3 | High | 2024-10-03 |
| CVE-2024-9429 | code-projects Restaurant Reservation System filter2.php sql injection — Restaurant Reservation System | 6.3 | Medium | 2024-10-02 |
| CVE-2024-9018 | WP Easy Gallery <= 4.8.5 - Authenticated (Contributor+) SQL Injection via key Parameter — WP Easy Gallery – WordPress Gallery Plugin | 8.8 | High | 2024-10-01 |
| CVE-2024-9360 | code-projects Restaurant Reservation System updatebal.php sql injection — Restaurant Reservation System | 7.3 | High | 2024-10-01 |
| CVE-2024-9359 | code-projects Restaurant Reservation System addcompany.php sql injection — Restaurant Reservation System | 7.3 | High | 2024-10-01 |
| CVE-2024-9194 | SQL Injection in the Octopus Server REST API — Octopus Server | 9.8 | - | 2024-09-30 |
| CVE-2024-9328 | SourceCodester Advocate Office Management System edit_client.php sql injection — Advocate Office Management System | 6.3 | Medium | 2024-09-29 |
| CVE-2024-9327 | code-projects Blood Bank System forgot.php sql injection — Blood Bank System | 6.3 | Medium | 2024-09-29 |
| CVE-2024-9326 | PHPGurukul Online Shopping Portal Admin Panel index.php sql injection — Online Shopping Portal | 7.3 | High | 2024-09-29 |
| CVE-2024-9322 | code-projects Supply Chain Management edit_manufacturer.php sql injection — Supply Chain Management | 6.3 | Medium | 2024-09-29 |
| CVE-2024-9319 | SourceCodester Online Timesheet App delete-timesheet.php sql injection — Online Timesheet App | 6.3 | Medium | 2024-09-28 |
| CVE-2024-9318 | SourceCodester Advocate Office Management System activate.php sql injection — Advocate Office Management System | 6.3 | Medium | 2024-09-28 |
| CVE-2024-9317 | SourceCodester Online Eyewear Shop Master.php delete_category sql injection — Online Eyewear Shop | 6.3 | Medium | 2024-09-28 |
| CVE-2024-9316 | code-projects Blood Bank Management System B+.php sql injection — Blood Bank Management System | 6.3 | Medium | 2024-09-28 |
| CVE-2024-9315 | SourceCodester Employee and Visitor Gate Pass Logging System manage_department.php sql injection — Employee and Visitor Gate Pass Logging System | 6.3 | Medium | 2024-09-28 |
| CVE-2024-9296 | SourceCodester Advocate Office Management System forgot_pass.php sql injection — Advocate Office Management System | 7.3 | High | 2024-09-28 |
| CVE-2024-9295 | SourceCodester Advocate Office Management System login.php sql injection — Advocate Office Management System | 7.3 | High | 2024-09-28 |
| CVE-2024-9294 | dingfanzu CMS saveNewPwd.php sql injection — CMS | 6.3 | Medium | 2024-09-27 |
| CVE-2024-9293 | skyselang yylAdmin Backend File.php list sql injection — yylAdmin | 6.3 | Medium | 2024-09-27 |
| CVE-2024-8630 | Alisonic Sibylla SQL Injection — Sibylla | 9.4 | Critical | 2024-09-27 |
| CVE-2024-3373 | SQLi in RSM Design's Website Template — Website Template | 9.8 (AI) | Critical (AI) | 2024-09-27 |
| CVE-2024-8607 | SQLi in Oceanic Software's ValeApp — ValeApp | 9.8 (AI) | Critical (AI) | 2024-09-27 |
| CVE-2024-9130 | GiveWP – Donation Plugin and Fundraising Platform <= 3.16.1 - Authenticated (GiveWP Manager+) SQL Injection via order Parameter — GiveWP – Donation Plugin and Fundraising Platform | 7.2 | High | 2024-09-27 |
| CVE-2024-8275 | The Events Calendar <= 6.6.4 - Unauthenticated SQL Injection — The Events Calendar | 9.8 | Critical | 2024-09-25 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8876 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.