Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8837

8837 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-3740 itsourcecode University Management System admin_search_student.php sql injection — University Management System 7.3 High2026-03-08
CVE-2026-3736 code-projects Simple Flight Ticket Booking System SearchResultRoundtrip.php sql injection — Simple Flight Ticket Booking System 7.3 High2026-03-08
CVE-2026-3735 code-projects Simple Flight Ticket Booking System SearchResultOneway.php sql injection — Simple Flight Ticket Booking System 7.3 High2026-03-08
CVE-2026-3730 itsourcecode Free Hotel Reservation System index.php sql injection — Free Hotel Reservation System 7.3 High2026-03-08
CVE-2026-3723 code-projects Simple Flight Ticket Booking System Admindelete.php sql injection — Simple Flight Ticket Booking System 7.3 High2026-03-08
CVE-2026-3711 code-projects Simple Flight Ticket Booking System Adminupdate.php sql injection — Simple Flight Ticket Booking System 4.7 Medium2026-03-08
CVE-2026-3710 code-projects Simple Flight Ticket Booking System Adminadd.php sql injection — Simple Flight Ticket Booking System 4.7 Medium2026-03-08
CVE-2026-3709 code-projects Simple Flight Ticket Booking System register.php sql injection — Simple Flight Ticket Booking System 7.3 High2026-03-08
CVE-2026-3708 code-projects Simple Flight Ticket Booking System login.php sql injection — Simple Flight Ticket Booking System 7.3 High2026-03-08
CVE-2026-3705 code-projects Simple Flight Ticket Booking System Adminsearch.php sql injection — Simple Flight Ticket Booking System 7.3 High2026-03-08
CVE-2026-3672 JeecgBoot getDictItems isExistSqlInjectKeyword sql injection — JeecgBoot 6.3 Medium2026-03-07
CVE-2026-30860 WeKnora: Remote Code Execution via SQL Injection Bypass in AI Database Query Tool — WeKnora 10.0 Critical2026-03-07
CVE-2026-2429 Community Events <= 1.5.8 - Authenticated (Administrator+) SQL Injection via 'ce_venue_name' CSV Field — Community Events 4.9 Medium2026-03-07
CVE-2025-14353 ZIP Code Based Content Protection <= 1.0.2 - Unauthenticated SQL Injection via 'zipcode' Parameter — ZIP Code Based Content Protection 7.5 High2026-03-07
CVE-2018-25199 OOP CMS BLOG 1.0 SQL Injection via search parameter — OOP CMS BLOG 8.2 High2026-03-06
CVE-2018-25197 PlayJoom 0.10.1 SQL Injection via catid Parameter — PlayJoom 8.2 High2026-03-06
CVE-2018-25196 ServerZilla 1.0 SQL Injection via email Parameter — ServerZilla 8.2 High2026-03-06
CVE-2018-25192 GPS Tracking System 2.12 SQL Injection via username Parameter — GPS Tracking System 8.2 High2026-03-06
CVE-2018-25191 Facturation System 1.0 SQL Injection via editar_producto.php — Facturation System 7.1 High2026-03-06
CVE-2018-25189 Data Center Audit 2.6.2 SQL Injection via username Parameter — Data Center Audit 8.2 High2026-03-06
CVE-2018-25188 Webiness Inventory 2.3 SQL Injection via WsModelGrid.php — Webiness Inventory 8.2 High2026-03-06
CVE-2018-25187 Tina4 Stack 1.0.3 SQL Injection and Database File Download — Tina4 Stack 8.2 High2026-03-06
CVE-2018-25182 Silurus Classifieds Script 2.0 SQL Injection via wcategory.php — Silurus Classifieds Script 8.2 High2026-03-06
CVE-2018-25180 Maitra 1.7.2 SQL Injection and Database File Download — Maitra 7.1 High2026-03-06
CVE-2018-25179 Gumbo CMS 0.99 SQL Injection via settings endpoint — Gumbo CMS 8.2 High2026-03-06
CVE-2018-25175 Alienor Web Libre 2.0 SQL Injection via index.php — Alienor Web Libre 8.2 High2026-03-06
CVE-2018-25173 Rmedia SMS 1.0 SQL Injection via editgrp.php — Rmedia SMS 8.2 High2026-03-06
CVE-2018-25172 Pedidos 1.0 SQL Injection via load_proveedores.php — Pedidos 8.2 High2026-03-06
CVE-2018-25167 Net-Billetterie 2.9 SQL Injection via login.inc.php — Billetterie 8.2 High2026-03-06
CVE-2018-25166 Meneame English Pligg 5.8 SQL Injection via search Parameter — Meneame English Pligg 8.2 High2026-03-06

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8837 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.