CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8880

8880 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-3618	SourceCodester Kortex Lite Advocate Office Management System activate_case.php sql injection — Kortex Lite Advocate Office Management System	4.7	Medium	2024-04-11
CVE-2024-3617	SourceCodester Kortex Lite Advocate Office Management System deactivate_case.php sql injection — Kortex Lite Advocate Office Management System	4.7	Medium	2024-04-11
CVE-2024-31355	WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Auth. SQL Injection vulnerability — Slideshow Gallery	8.5	High	2024-04-10
CVE-2024-31356	WordPress User Activity Log plugin <= 1.8 - Auth. SQL Injection vulnerability — User Activity Log	7.6	High	2024-04-10
CVE-2024-3540	Campcodes Church Management System add_sundaysch.php sql injection — Church Management System	6.3	Medium	2024-04-10
CVE-2024-3539	Campcodes Church Management System addgiving.php sql injection — Church Management System	6.3	Medium	2024-04-10
CVE-2024-3538	Campcodes Church Management System addTithes.php sql injection — Church Management System	6.3	Medium	2024-04-10
CVE-2024-3537	Campcodes Church Management System admin_user.php sql injection — Church Management System	6.3	Medium	2024-04-10
CVE-2024-3536	Campcodes Church Management System delete_log.php sql injection — Church Management System	6.3	Medium	2024-04-10
CVE-2024-3535	Campcodes Church Management System index.php sql injection — Church Management System	7.3	High	2024-04-10
CVE-2024-3534	Campcodes Church Management System login.php sql injection — Church Management System	7.3	High	2024-04-10
CVE-2024-3523	Campcodes Online Event Management System index.php sql injection — Online Event Management System	6.3	Medium	2024-04-09
CVE-2024-3522	Campcodes Online Event Management System process.php sql injection — Online Event Management System	6.3	Medium	2024-04-09
CVE-2024-0952	WP ERP <= 1.12.9 - Authenticated (Accounting Manager+) SQL Injection via id — ERP: Complete HR, Accounting & CRM Suite with WooCommerce CRM Support	7.2	High	2024-04-09
CVE-2024-2341	Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.7.7 - Authenticated (Subscriber+) SQL Injection — Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin	8.8	High	2024-04-09
CVE-2024-2344	Avada <= 7.11.6 - Authenticated (Admin+) SQL Injection via entry — Avada \| Website Builder For WordPress & WooCommerce	7.2	High	2024-04-09
CVE-2024-1893	Easy Property Listings <= 3.5.2 - Authenticated(Contributor+) SQL Injection via Shortcode — Easy Property Listings	8.8	High	2024-04-09
CVE-2024-2871	Media Library Assistant <= 3.13 - Authenticated (Contributor+) SQL Injection via Shortcode — Media Library Assistant	6.4	Medium	2024-04-09
CVE-2024-1990	RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 5.3.1.0 - Authenticated (Contributor+) SQL Injection via Shortcode — RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login	8.8	High	2024-04-09
CVE-2024-2804	Network Summary <= 2.0.11 - Unauthenticated SQL Injection — Network Summary	9.8	Critical	2024-04-09
CVE-2024-2018	WP Activity Log Premium <= 4.6.4 - Authenticated (Subscriber+) SQL Injection — WP Activity Log Premium	8.8	High	2024-04-09
CVE-2023-6967	Pods - Custom Content Types and Fields - Authenticated (Contributor+) SQL Injection via Shortcode — Pods – Custom Content Types and Fields	8.8	High	2024-04-09
CVE-2024-2342	Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.7.7 - Authenticated (Contributor+) SQL Injection via Shortcode — Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin	8.8	High	2024-04-09
CVE-2024-31370	WordPress CodeisAwesome AIKit plugin <= 4.14.1 - SQL Injection vulnerability — AIKit	8.5	High	2024-04-09
CVE-2024-3466	SourceCodester Laundry Management System Pengeluaran.php laporan_filter sql injection — Laundry Management System	5.5	Medium	2024-04-08
CVE-2024-3465	SourceCodester Laundry Management System Transaki.php laporan_filter sql injection — Laundry Management System	6.3	Medium	2024-04-08
CVE-2024-3464	SourceCodester Laundry Management System Pelanggan.php laporan_filter sql injection — Laundry Management System	6.3	Medium	2024-04-08
CVE-2024-3458	Netentsec NS-ASG Application Security Gateway add_ikev2.php sql injection — NS-ASG Application Security Gateway	6.3	Medium	2024-04-08
CVE-2024-3457	Netentsec NS-ASG Application Security Gateway config_ISCGroupNoCache.php sql injection — NS-ASG Application Security Gateway	6.3	Medium	2024-04-08
CVE-2024-3456	Netentsec NS-ASG Application Security Gateway config_Anticrack.php sql injection — NS-ASG Application Security Gateway	6.3	Medium	2024-04-08

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8880 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8880