
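CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8876

8876 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.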

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2024-1863 | Sante PACS Server Token Endpoint SQL Injection Remote Code Execution Vulnerability — PACS Server | 9.8 | - | 2024-04-01 |
| CVE-2024-0637 | Centreon updateDirectory SQL Injection Remote Code Execution Vulnerability — Centreon | 8.8 | - | 2024-04-01 |
| CVE-2024-3131 | SourceCodester Computer Laboratory Management System sql injection — Computer Laboratory Management System | 6.3 | Medium | 2024-04-01 |
| CVE-2024-25574 | Delta Electronics DIAEnergie SQL Injection — DIAEnergie | 8.8 | High | 2024-04-01 |
| CVE-2024-30489 | WordPress WP Cost Estimation & Payment Forms Builder plugin <= 10.1.75 - SQL Injection vulnerability — WP Cost Estimation & Payment Forms Builder | 8.5 | High | 2024-03-31 |
| CVE-2024-30535 | WordPress Easy Form Builder plugin <= 3.7.4 - SQL Injection vulnerability — Easy Form Builder | 8.5 | High | 2024-03-31 |
| CVE-2024-31116 | WordPress 10Web Map Builder for Google Maps plugin <= 1.0.74 - SQL Injection vulnerability — 10Web Map Builder for Google Maps | 7.6 | High | 2024-03-31 |
| CVE-2024-3088 | PHPGurukul Emergency Ambulance Hiring Portal Forgot Password Page forgot-password.php sql injection — Emergency Ambulance Hiring Portal | 7.3 | High | 2024-03-30 |
| CVE-2024-3087 | PHPGurukul Emergency Ambulance Hiring Portal Ambulance Tracking Page ambulance-tracking.php sql injection — Emergency Ambulance Hiring Portal | 7.3 | High | 2024-03-30 |
| CVE-2024-3085 | PHPGurukul Emergency Ambulance Hiring Portal Admin Login Page login.php sql injection — Emergency Ambulance Hiring Portal | 7.3 | High | 2024-03-30 |
| CVE-2024-23538 | Apache Fineract: Under certain system configurations, the sqlSearch parameter was vulnerable to SQL injection attacks, potentially allowing attackers to manipulate database queries. — Apache Fineract | 9.9 | Critical | 2024-03-29 |
| CVE-2024-23539 | Apache Fineract: Under certain system configurations, the sqlSearch parameter for specific endpoints was vulnerable to SQL injection attacks, potentially allowing attackers to manipulate database queries. — Apache Fineract | 8.3 | High | 2024-03-29 |
| CVE-2024-30504 | WordPress WP Travel Engine plugin <= 5.7.9 - SQL Injection vulnerability — WP Travel Engine | 7.6 | High | 2024-03-29 |
| CVE-2024-30502 | WordPress WP Travel Engine plugin <= 5.7.9 - Unauth. Blind SQL Injection vulnerability — WP Travel Engine | 9.3 | Critical | 2024-03-29 |
| CVE-2024-30501 | WordPress Download Monitor theme <= 4.9.4 - Auth. SQL Injection vulnerability — Download Monitor | 7.6 | High | 2024-03-29 |
| CVE-2024-30499 | WordPress CRM Perks Forms plugin <= 1.1.4 - SQL Injection vulnerability — CRM Perks Forms | 8.5 | High | 2024-03-29 |
| CVE-2024-30498 | WordPress CRM Perks Forms plugin <= 1.1.4 - Unauthenticated SQL Injection vulnerability — CRM Perks Forms | 9.3 | Critical | 2024-03-29 |
| CVE-2024-30497 | WordPress WP Responsive Tabs horizontal vertical and accordion Tabs plugin <= 1.1.17 - SQL Injection vulnerability — WP Responsive Tabs horizontal vertical and accordion Tabs | 8.5 | High | 2024-03-29 |
| CVE-2024-30496 | WordPress Element Pack Lite plugin <= 5.5.3 - SQL Injection vulnerability — Element Pack Elementor Addons | 8.5 | High | 2024-03-29 |
| CVE-2024-30495 | WordPress Falang multilanguage for WordPress plugin <= 1.3.47 - SQL Injection vulnerability — Falang multilanguage | 7.6 | High | 2024-03-29 |
| CVE-2024-30494 | WordPress OSS Aliyun plugin <= 1.4.10 - SQL Injection vulnerability — OSS Aliyun | 7.6 | High | 2024-03-29 |
| CVE-2024-30491 | WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.8 - SQL Injection vulnerability — ProfileGrid | 8.5 | High | 2024-03-29 |
| CVE-2024-30490 | WordPress ProfileGrid plugin <= 5.7.8 - SQL Injection vulnerability — ProfileGrid | 9.3 | Critical | 2024-03-29 |
| CVE-2024-30488 | WordPress Zotpress plugin <= 7.3.7 - SQL Injection vulnerability — Zotpress | 8.5 | High | 2024-03-29 |
| CVE-2024-30486 | WordPress Media Library Folders plugin <= 8.1.7 - Auth. SQL Injection vulnerability — Media Library Folders | 8.5 | High | 2024-03-29 |
| CVE-2024-30478 | WordPress Announcement & Notification Banner – Bulletin plugin <= 3.8.5 - SQL Injection vulnerability — WordPress Announcement & Notification Banner Plugin – Bulletin | 7.6 | High | 2024-03-29 |
| CVE-2023-6191 | SQLi in WebPDKS — WebPDKS | 9.8 | Critical | 2024-03-29 |
| CVE-2024-0956 | WP ERP <= 1.13.0 - Authenticated (AccountingManager+) SQL Injection — ERP: Complete HR, Accounting & CRM Suite with WooCommerce CRM Support | 4.9 | Medium | 2024-03-29 |
| CVE-2024-0608 | WP ERP \| Complete HR solution with recruitment & job listings \| WooCommerce CRM & Accounting <= 1.13.1 - Authenticated (Subscriber+) SQL Injection — ERP: Complete HR, Accounting & CRM Suite with WooCommerce CRM Support | 6.5 | Medium | 2024-03-29 |
| CVE-2024-0913 | WP ERP <= 1.13.0 - Authenticated (Accounting Manager+) SQL Injection — ERP: Complete HR, Accounting & CRM Suite with WooCommerce CRM Support | 7.2 | High | 2024-03-29 |

8876 CVEs are classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.