Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8881

8881 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-6440 SourceCodester Home Owners Collection Management System sql injection — Home Owners Collection Management System 6.3 Medium2024-07-02
CVE-2024-6438 Hitout Carsale OrderController.java sql injection — Carsale 6.3 Medium2024-07-02
CVE-2024-6172 Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce <= 5.7.25 - Unauthenticated SQL Injection via unsubscribe — Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress 9.8 Critical2024-07-02
CVE-2024-6419 SourceCodester Medicine Tracker System sql injection — Medicine Tracker System 6.3 Medium2024-06-30
CVE-2024-6418 SourceCodester Medicine Tracker System sql injection — Medicine Tracker System 7.3 High2024-06-30
CVE-2024-6417 SourceCodester Simple Online Bidding System sql injection — Simple Online Bidding System 6.3 Medium2024-06-30
CVE-2024-6416 SeaCMS sql injection — SeaCMS 6.3 Medium2024-06-30
CVE-2024-2386 WordPress Plugin for Google Maps – WP MAPS <= 4.6.1 - Authenticated (Contributor+) SQL Injection — WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters 8.8 High2024-06-29
CVE-2024-6265 UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress <= 1.2.10 - Unauthenticated SQL Injection via 'uwp_sort_by' — UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP 9.8 Critical2024-06-29
CVE-2024-5827 Arbitrary File Write by Prompt Injection via DuckDB SQL in vanna-ai/vanna — vanna-ai/vanna 9.8AICriticalAI2024-06-28
CVE-2024-3816 SQLi in S@M CMS — S@M CMS 9.8AICriticalAI2024-06-28
CVE-2024-1153 SQL Injection Vulnerability in Talya Informatics' Travel APPS — Travel APPS 4.6 Medium2024-06-27
CVE-2024-6372 itsourcecode Tailoring Management System customeradd.php sql injection — Tailoring Management System 6.3 Medium2024-06-27
CVE-2024-6371 itsourcecode Pool of Bethesda Online Reservation System controller.php sql injection — Pool of Bethesda Online Reservation System 7.3 High2024-06-27
CVE-2024-1839 Intrado 911 Emergency Gateway 安全漏洞 — 911 Emergency Gateway (EGW) 10.0 Critical2024-06-26
CVE-2024-4228 SQLi in Magarsus Consultancy's SSO — SSO (Single Sign On) 9.8 Critical2024-06-26
CVE-2024-37252 WordPress Email Subscribers by Icegram Express plugin <= 5.7.25 - SQL Injection vulnerability — Email Subscribers & Newsletters 9.3 Critical2024-06-26
CVE-2024-29174 Dell PowerProtect Data Domain SQL注入漏洞 — PowerProtect DD 4.4 Medium2024-06-26
CVE-2024-6308 itsourcecode Simple Online Hotel Reservation System index.php sql injection — Simple Online Hotel Reservation System 7.3 High2024-06-25
CVE-2024-6028 Quiz Maker <= 6.5.8.3 - Unauthenticated SQL Injection via 'ays_questions' Parameter — Quiz Maker 9.8 Critical2024-06-25
CVE-2024-6160 SQL Injection in MegaBIP — MegaBIP 9.1AICriticalAI2024-06-24
CVE-2024-6279 lahirudanushka School Management System Exam Results Page examresults-par.php sql injection — School Management System 6.3 Medium2024-06-24
CVE-2024-6278 lahirudanushka School Management System Subject Page subject.php sql injection — School Management System 4.7 Medium2024-06-24
CVE-2024-6277 lahirudanushka School Management System Student Page student.php sql injection — School Management System 4.7 Medium2024-06-24
CVE-2024-6276 lahirudanushka School Management System Teacher Page teacher.php sql injection — School Management System 4.7 Medium2024-06-24
CVE-2024-6275 lahirudanushka School Management System Parent Page parent.php sql injection — School Management System 4.7 Medium2024-06-24
CVE-2024-6274 lahirudanushka School Management System Attendance Report Page attendancelist.php sql injection — School Management System 4.7 Medium2024-06-24
CVE-2024-6268 lahirudanushka School Management System Login Page login.php sql injection — School Management System 7.3 High2024-06-23
CVE-2024-6266 Pear Admin Boot loadDictItem sql injection — Pear Admin Boot 6.3 Medium2024-06-23
CVE-2024-6253 itsourcecode Online Food Ordering System purchase.php sql injection — Online Food Ordering System 7.3 High2024-06-22

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8881 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.