Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8881

8881 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-5362 SourceCodester Online Hospital Management System departmentDoctor.php sql injection — Online Hospital Management System 7.3 High2024-05-26
CVE-2024-5361 PHPGurukul Zoo Management System normal-bwdates-reports-details.php sql injection — Zoo Management System 6.3 Medium2024-05-26
CVE-2024-5360 PHPGurukul Zoo Management System foreigner-bwdates-reports-details.php sql injection — Zoo Management System 6.3 Medium2024-05-26
CVE-2024-5359 PHPGurukul Zoo Management System foreigner-search.php sql injection — Zoo Management System 6.3 Medium2024-05-26
CVE-2024-5358 PHPGurukul Zoo Management System normal-search.php sql injection — Zoo Management System 6.3 Medium2024-05-26
CVE-2024-5357 PHPGurukul Zoo Management System forgot-password.php sql injection — Zoo Management System 7.3 High2024-05-26
CVE-2024-5356 anji-plus AJ-Report testTransform;swagger-ui sql injection — AJ-Report 6.3 Medium2024-05-26
CVE-2024-5350 anji-plus AJ-Report pageList sql injection — AJ-Report 6.3 Medium2024-05-25
CVE-2024-5315 Multiple vulnerabilities in DOLIBARR's ERP CMS — ERP CMS 9.1 Critical2024-05-24
CVE-2024-5314 Multiple vulnerabilities in DOLIBARR's ERP CMS — ERP CMS 9.1 Critical2024-05-24
CVE-2024-4779 Unlimited Elements for Elementor <= 1.5.107 - Authenticated (Contributor+) SQL Injection via data[post_ids][0] — Unlimited Elements For Elementor 8.8 High2024-05-23
CVE-2024-5240 Campcodes Complete Web-Based School Management System unread_msg.php sql injection — Complete Web-Based School Management System 6.3 Medium2024-05-23
CVE-2024-5239 Campcodes Complete Web-Based School Management System timetable_update_form.php sql injection — Complete Web-Based School Management System 6.3 Medium2024-05-23
CVE-2024-5238 Campcodes Complete Web-Based School Management System timetable_insert_form.php sql injection — Complete Web-Based School Management System 6.3 Medium2024-05-23
CVE-2024-5237 Campcodes Complete Web-Based School Management System timetable_grade_wise.php sql injection — Complete Web-Based School Management System 6.3 Medium2024-05-23
CVE-2024-5236 Campcodes Complete Web-Based School Management System teacher_salary_invoice1.php sql injection — Complete Web-Based School Management System 6.3 Medium2024-05-23
CVE-2024-5235 Campcodes Complete Web-Based School Management System teacher_salary_invoice.php sql injection — Complete Web-Based School Management System 6.3 Medium2024-05-23
CVE-2024-5234 Campcodes Complete Web-Based School Management System teacher_salary_history1.php sql injection — Complete Web-Based School Management System 6.3 Medium2024-05-23
CVE-2024-5233 Campcodes Complete Web-Based School Management System teacher_salary_details3.php sql injection — Complete Web-Based School Management System 6.3 Medium2024-05-23
CVE-2024-5232 Campcodes Complete Web-Based School Management System teacher_salary_details2.php sql injection — Complete Web-Based School Management System 6.3 Medium2024-05-23
CVE-2024-5231 Campcodes Complete Web-Based School Management System teacher_salary_details.php sql injection — Complete Web-Based School Management System 6.3 Medium2024-05-23
CVE-2023-51637 Sante PACS Server PG Patient Query SQL Injection Remote Code Execution Vulnerability — PACS Server PG 9.8AICriticalAI2024-05-22
CVE-2024-21791 SQL Injection in ADAudit Plus — ADAudit Plus 4.7 Medium2024-05-22
CVE-2024-20360 Cisco Firepower Management Center 安全漏洞 — Cisco Firepower Management Center 8.8 High2024-05-22
CVE-2024-3495 Country State City Dropdown CF7 <= 2.7.2 - Unauthenticated SQL Injection — Country State City Dropdown CF7 9.8 Critical2024-05-22
CVE-2024-4443 Business Directory Plugin – Easy Listing Directories for WordPress <= 6.4.2 - Unauthenticated SQL Injection via listingfields Parameter — Business Directory Plugin – Easy Listing Directories for WordPress 9.8 Critical2024-05-22
CVE-2024-3518 Media Library Assistant <= 3.15 - Authenticated (Contributor+) SQL Injection via Shortcode — Media Library Assistant 8.8 High2024-05-21
CVE-2023-3942 Multiple SQLi in ZkTeco-based OEM devices — ZkTeco-based OEM devices with firmware ZAM170-NF-1.8.25-7354-Ver1.0.0, Standalone service v. 2.1.6-20200907 7.5 High2024-05-21
CVE-2023-3938 Bypassing ZkTeco-based OEM devices/ZKTeco biometric authentication system via SQLi in QR code — ZkTeco-based OEM devices with firmware ZAM170-NF-1.8.25-7354-Ver1.0.0 4.6 Medium2024-05-21
CVE-2024-5135 PHPGurukul Directory Management System index.php sql injection — Directory Management System 7.3 High2024-05-20

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8881 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.