Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8881

8881 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-4794 Campcodes Online Laundry Management System manage_receiving.php sql injection — Online Laundry Management System 6.3 Medium2024-05-12
CVE-2024-4793 Campcodes Online Laundry Management System manage_laundry.php sql injection — Online Laundry Management System 6.3 Medium2024-05-12
CVE-2024-4792 Campcodes Online Laundry Management System admin_class.php sql injection — Online Laundry Management System 6.3 Medium2024-05-12
CVE-2024-3055 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.102 - Authenticated (Contributor+) SQL Injection — Unlimited Elements For Elementor 8.8 High2024-05-10
CVE-2024-4434 LearnPress – WordPress LMS Plugin <= 4.2.6.5 - Unauthenticated Time-Based SQL Injection — LearnPress – WordPress LMS Plugin for Create and Sell Online Courses 9.8 Critical2024-05-10
CVE-2024-4423 Authentication bypass in CemiPark — CemiPark 9.8 -2024-05-09
CVE-2024-26026 BIG-IP Central Manager SQL Injection — BIG-IP Next Central Manager 7.5 High2024-05-08
CVE-2024-21793 BIG-IP Central Manager OData Injection Vulnerability — BIG-IP Next Central Manager 7.5 High2024-05-08
CVE-2024-4654 BlueNet Technology Clinical Browsing System cloudInterface.php sql injection — Clinical Browsing System 6.3 Medium2024-05-08
CVE-2024-4653 BlueNet Technology Clinical Browsing System outIndex.php sql injection — Clinical Browsing System 6.3 Medium2024-05-08
CVE-2024-4595 SEMCMS function.php locate sql injection — SEMCMS 6.3 Medium2024-05-07
CVE-2024-31456 GLPI contains an authenticated SQL injection — glpi 7.7 High2024-05-07
CVE-2024-29889 GLPI contains an SQL injection through the saved searches — glpi 7.1 High2024-05-07
CVE-2024-34386 WordPress Auto Affiliate Links plugin <= 6.4.3.1 - SQL Injection vulnerability — Auto Affiliate Links 7.6 High2024-05-06
CVE-2024-34412 WordPress ParcelPanel plugin <= 3.8.1 - Auth. SQL Injection vulnerability — ParcelPanel 8.5 High2024-05-06
CVE-2021-20451 IBM Cognos Controller SQL injection — Cognos Controller 6.0 Medium2024-05-03
CVE-2023-38724 IBM Cognos Controller SQL injection — Cognos Controller 6.3 Medium2024-05-03
CVE-2024-4466 SQL injection vulnerability in Gescen — Gescen 9.8 Critical2024-05-03
CVE-2023-51595 Voltronic Power ViewPower Pro selectDeviceListBy SQL Injection Remote Code Execution Vulnerability — ViewPower Pro 9.8 -2024-05-03
CVE-2023-51586 Voltronic Power ViewPower Pro selectEventConfig SQL Injection Remote Code Execution Vulnerability — ViewPower Pro 9.8 -2024-05-03
CVE-2023-44450 NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote Code Execution Vulnerability — ProSAFE Network Management System 8.8 -2024-05-03
CVE-2023-44449 NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability — ProSAFE Network Management System 8.8 -2024-05-03
CVE-2023-38100 NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability — ProSAFE Network Management System 8.8 -2024-05-03
CVE-2023-38099 NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote Code Execution Vulnerability — ProSAFE Network Management System 8.8 -2024-05-03
CVE-2023-35720 ASUS RT-AX92U lighttpd mod_webdav.so SQL Injection Information Disclosure Vulnerability — RT-AX92U 6.5 -2024-05-03
CVE-2023-27358 NETGEAR RAX30 SOAP Request SQL Injection Remote Code Execution Vulnerability — RAX30 8.8 -2024-05-03
CVE-2024-34031 SQL Injection vulnerability in Delta Electronics DIAEnergie — DIAEnergie 8.8 High2024-05-03
CVE-2024-34032 SQL Injection in Delta Electronics DIAEnergie — DIAEnergie 8.8 High2024-05-03
CVE-2024-2876 Icegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin <= 5.7.14 - Unauthenticated SQL Injection — Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress 9.8 Critical2024-05-02
CVE-2024-1797 WP ULike – Most Advanced WordPress Marketing Toolkit <= 4.6.9 - Authenticated (Contributor+) SQL Injection via Shortcodes — WP ULike – Like & Dislike Buttons for Engagement and Feedback 8.8 High2024-05-02

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8881 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.