CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8876

8876 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-6204	SQL injection — Exchange Reporter Plus	8.3	High	2024-08-30
CVE-2024-8345	SourceCodester Music Gallery Site Users.php sql injection — Music Gallery Site	6.3	Medium	2024-08-30
CVE-2024-8344	Campcodes Supplier Management System edit_area.php sql injection — Supplier Management System	6.3	Medium	2024-08-30
CVE-2024-8343	SourceCodester Sentiment Based Movie Rating System User Registration Users.php sql injection — Sentiment Based Movie Rating System	7.3	High	2024-08-30
CVE-2024-8340	SourceCodester Electric Billing Management System Actions.php sql injection — Electric Billing Management System	7.3	High	2024-08-30
CVE-2024-8339	SourceCodester Electric Billing Management System Connection Code ?page=tracks sql injection — Electric Billing Management System	6.3	Medium	2024-08-30
CVE-2024-8336	SourceCodester Music Gallery Site Master.php sql injection — Music Gallery Site	6.3	Medium	2024-08-30
CVE-2024-8335	OpenRapid RapidCMS runlogon.php sql injection — RapidCMS	6.3	Medium	2024-08-30
CVE-2024-8332	master-nan Sweet-CMS index sql injection — Sweet-CMS	6.3	Medium	2024-08-30
CVE-2024-8331	OpenRapid RapidCMS user-move-run.php sql injection — RapidCMS	6.3	Medium	2024-08-30
CVE-2024-8329	Gether Technology 6SHR System - SQL Injection — 6SHR System	8.8	High	2024-08-30
CVE-2024-8327	HWA JIUH DIGITAL TECHNOLOGY Easy test Online Learning and Testing Platform - SQL injection — Easy test Online Learning and Testing Platform	8.8	High	2024-08-30
CVE-2024-6672	WhatsUp Gold getMonitorJoin SQL Injection Privilege Escalation Vulnerability — WhatsUp Gold	8.8	High	2024-08-29
CVE-2024-6671	WhatsUp Gold GetStatisticalMonitorList SQL Injection Authentication Bypass Vulnerability — WhatsUp Gold	9.8	Critical	2024-08-29
CVE-2024-6670	WhatsUp Gold HasErrors SQL Injection Authentication Bypass Vulnerability — WhatsUp Gold	9.8	Critical	2024-08-29
CVE-2024-43965	WordPress SendGrid for WordPress plugin <= 1.4 - SQL Injection vulnerability — SendGrid for WordPress	8.2	High	2024-08-29
CVE-2024-43943	WordPress Greenshift Woocommerce Addon plugin < 1.9.8 - Subscriber+ SQL Injection vulnerability — Greenshift Woocommerce Addon	8.5	High	2024-08-29
CVE-2024-43942	WordPress Greenshift Query and Meta Addon plugin < 3.9.2 - Subscriber+ SQL Injection vulnerability — Greenshift Query and Meta Addon	8.5	High	2024-08-29
CVE-2024-43941	WordPress Propovoice Pro plugin <= 1.7.0.3 - Unauthenticated SQL Injection vulnerability — Propovoice Pro	9.3	Critical	2024-08-29
CVE-2024-43918	WordPress WBW Product Table PRO plugin <= 1.9.4 - Unauthenticated Arbitrary SQL Query Execution vulnerability — WBW Product Table PRO	10.0	Critical	2024-08-29
CVE-2024-43917	WordPress TI WooCommerce Wishlist plugin <= 2.8.2 - SQL Injection vulnerability — TI WooCommerce Wishlist	9.3	Critical	2024-08-29
CVE-2024-43144	WordPress Cost Calculator Builder plugin <= 3.2.15 - SQL Injection vulnerability — Cost Calculator Builder	9.3	Critical	2024-08-29
CVE-2024-43132	WordPress Docket (WooCommerce Collections / Wishlist / Watchlist) plugin < 1.7.0 - Unauthenticated SQL Injection vulnerability — Docket (WooCommerce Collections / Wishlist / Watchlist)	9.3	Critical	2024-08-29
CVE-2024-39658	WordPress Salon Booking System plugin <= 10.7 - Authenticated SQL Injection vulnerability — Salon booking system	7.6	High	2024-08-29
CVE-2024-8303	dingfanzu CMS getBasicInfo.php sql injection — CMS	6.3	Medium	2024-08-29
CVE-2024-39653	WordPress VikRentCar Car Rental Management System plugin <= 1.4.0 - SQL Injection vulnerability — VikRentCar	9.3	Critical	2024-08-29
CVE-2024-39638	WordPress Registrations for the Events Calendar plugin <= 2.12.2 - SQL Injection vulnerability — Registrations for the Events Calendar	8.5	High	2024-08-29
CVE-2024-39622	WordPress ListingPro theme <= 2.9.4 - Unauthenticated SQL Injection vulnerability — ListingPro	9.3	Critical	2024-08-29
CVE-2024-39620	WordPress ListingPro plugin <= 2.9.4 - SQL Injection vulnerability — ListingPro	8.5	High	2024-08-29
CVE-2024-38795	WordPress ListingPro plugin <= 2.9.4 - Unauthenticated SQL Injection vulnerability — ListingPro	9.3	Critical	2024-08-29

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8876 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8876