CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8837

8837 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-49784	Fortinet FortiAnalyzer和Fortinet FortiAnalyzer-BigData SQL注入漏洞 — FortiAnalyzer-BigData	5.6	Medium	2026-03-10
CVE-2026-30930	Glances has SQL Injection via Process Names in TimescaleDB Export — glances	9.8^AI	Critical^AI	2026-03-10
CVE-2026-3843	SQL Injection in Nefteprodukttekhnika BUK TS-G Allows Remote Code Execution — BUK TS-G Gas Station Automation System	9.8	Critical	2026-03-10
CVE-2026-27684	SQL Injection Vulnerability in SAP NetWeaver (Feedback Notification) — SAP NetWeaver (Feedback Notification)	6.4	Medium	2026-03-10
CVE-2026-3818	Tiandy Easy7 CMS Windows GetDBData.jsp sql injection — Easy7 CMS Windows	7.3	High	2026-03-09
CVE-2025-40639	SQL injection in Eventobot — Eventobot	9.8^AI	Critical^AI	2026-03-09
CVE-2026-3806	SourceCodester/janobe Resort Reservation System room_rates.php sql injection — Resort Reservation System	6.3	Medium	2026-03-09
CVE-2026-3793	SourceCodester Sales and Inventory System GET Parameter sales_invoice1.php sql injection — Sales and Inventory System	6.3	Medium	2026-03-09
CVE-2026-3792	SourceCodester Sales and Inventory System GET Parameter purchase_invoice.php sql injection — Sales and Inventory System	6.3	Medium	2026-03-09
CVE-2026-3791	SourceCodester Sales and Inventory System Search dashboard.php sql injection — Sales and Inventory System	6.3	Medium	2026-03-09
CVE-2026-3790	SourceCodester Sales and Inventory System POST Parameter check_supplier_details.php sql injection — Sales and Inventory System	6.3	Medium	2026-03-09
CVE-2026-3786	EasyCMS Request Parameter RbacuserAction.class.php sql injection — EasyCMS	6.3	Medium	2026-03-08
CVE-2026-3785	EasyCMS Request Parameter RbacnodeAction.class.php sql injection — EasyCMS	6.3	Medium	2026-03-08
CVE-2026-3771	SourceCodester/janobe Resort Reservation System accomodation.php sql injection — Resort Reservation System	6.3	Medium	2026-03-08
CVE-2026-3767	itsourcecode sanitize or validate this input teacher-attendance.php sql injection — sanitize or validate this input	6.3	Medium	2026-03-08
CVE-2026-3765	itsourcecode University Management System att_single_view.php sql injection — University Management System	7.3	High	2026-03-08
CVE-2026-3760	itsourcecode University Management System view_result.php sql injection — University Management System	7.3	High	2026-03-08
CVE-2026-3759	projectworlds Online Art Gallery Shop adminHome.php sql injection — Online Art Gallery Shop	7.3	High	2026-03-08
CVE-2026-3758	projectworlds Online Art Gallery Shop adminHome.php sql injection — Online Art Gallery Shop	7.3	High	2026-03-08
CVE-2026-3757	projectworlds Online Art Gallery Shop pass sql injection — Online Art Gallery Shop	7.3	High	2026-03-08
CVE-2026-3756	SourceCodester Sales and Inventory System check_item_details.php sql injection — Sales and Inventory System	6.3	Medium	2026-03-08
CVE-2026-3755	SourceCodester Sales and Inventory System POST check_customer_details.php sql injection — Sales and Inventory System	6.3	Medium	2026-03-08
CVE-2026-3754	SourceCodester Sales and Inventory System add_stock.php sql injection — Sales and Inventory System	6.3	Medium	2026-03-08
CVE-2026-3753	SourceCodester Sales and Inventory System add_sales_print.php sql injection — Sales and Inventory System	6.3	Medium	2026-03-08
CVE-2026-3752	SourceCodester Employee Task Management System GET Parameter daily-task-report.php sql injection — Employee Task Management System	4.7	Medium	2026-03-08
CVE-2026-3751	SourceCodester Employee Task Management System GET Parameter daily-attendance-report.php sql injection — Employee Task Management System	4.7	Medium	2026-03-08
CVE-2026-3747	itsourcecode University Management System add_result.php sql injection — University Management System	7.3	High	2026-03-08
CVE-2026-3746	SourceCodester Simple Responsive Tourism Website Login Login.php sql injection — Simple Responsive Tourism Website	7.3	High	2026-03-08
CVE-2026-3745	code-projects Student Web Portal profile.php sql injection — Student Web Portal	6.3	Medium	2026-03-08
CVE-2026-3744	code-projects Student Web Portal signup.php valreg_passwdation sql injection — Student Web Portal	7.3	High	2026-03-08

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8837 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8837