
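CWE-89 (Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)) — Vulnerability Class 8873

8873 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)). AI Chinese analysis included.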

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-25927 | WordPress postMash – custom post order Plugin <= 1.2.0 is vulnerable to SQL Injection — postMash – custom post order | 9.3 | Critical | 2024-02-28 |
| CVE-2024-24772 | Apache Superset: Improper Neutralisation of custom SQL on embedded context — Apache Superset | 4.3 | Medium | 2024-02-28 |
| CVE-2024-0786 | Conversios <= 7.0.7 - Authenticated (Subscriber+) SQL Injection via ee_syncProductCategory — Conversios: Google Analytics (GA4), Google Ads, Conversion and Analytics Tracking for Multi-Channels | 8.8 | High | 2024-02-28 |
| CVE-2024-1514 | WP eCommerce <= 3.15.1 - Unauthenticated SQL Injection — WP eCommerce | 9.8 | Critical | 2024-02-28 |
| CVE-2024-1928 | SourceCodester Web-Based Student Clearance System Edit User Profile Page edit-admin.php sql injection — Web-Based Student Clearance System | 4.7 | Medium | 2024-02-27 |
| CVE-2024-1927 | SourceCodester Web-Based Student Clearance System login.php sql injection — Web-Based Student Clearance System | 6.3 | Medium | 2024-02-27 |
| CVE-2024-1926 | SourceCodester Free and Open Source Inventory Management System search_sales_report.php sql injection — Free and Open Source Inventory Management System | 6.3 | Medium | 2024-02-27 |
| CVE-2024-1924 | CodeAstro Membership Management System get_membership_amount.php sql injection — Membership Management System | 6.3 | Medium | 2024-02-27 |
| CVE-2024-1923 | SourceCodester Simple Student Attendance System List of Classes Page ajax-api.php delete_student sql injection — Simple Student Attendance System | 6.3 | Medium | 2024-02-27 |
| CVE-2024-1698 | NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor <= 2.8.2 - Unauthenticated SQL Injection — NotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification Bar | 9.8 | Critical | 2024-02-27 |
| CVE-2024-1878 | SourceCodester Employee Management System myprofile.php sql injection — Employee Management System | 6.3 | Medium | 2024-02-26 |
| CVE-2024-1877 | SourceCodester Employee Management System cancel.php sql injection — Employee Management System | 6.3 | Medium | 2024-02-26 |
| CVE-2024-1876 | SourceCodester Employee Management System psubmit.php sql injection — Employee Management System | 7.3 | High | 2024-02-26 |
| CVE-2024-1833 | SourceCodester Employee Management System login.php sql injection — Employee Management System | 7.3 | High | 2024-02-23 |
| CVE-2024-1832 | SourceCodester Complete File Management System Admin Login Form sql injection — Complete File Management System | 7.3 | High | 2024-02-23 |
| CVE-2024-1831 | SourceCodester Complete File Management System Login Form index.php sql injection — Complete File Management System | 7.3 | High | 2024-02-23 |
| CVE-2022-43842 | IBM Aspera Console SQL injection — Aspera Console | 8.6 | High | 2024-02-23 |
| CVE-2024-1830 | code-projects Library System lost-password.php sql injection — Library System | 7.3 | High | 2024-02-23 |
| CVE-2024-1829 | code-projects Library System registration.php sql injection — Library System | 7.3 | High | 2024-02-23 |
| CVE-2024-1828 | code-projects Library System registration.php sql injection — Library System | 7.3 | High | 2024-02-23 |
| CVE-2024-1827 | code-projects Library System login.php sql injection — Library System | 7.3 | High | 2024-02-23 |
| CVE-2024-1826 | code-projects Library System login.php sql injection — Library System | 7.3 | High | 2024-02-23 |
| CVE-2024-1824 | CodeAstro House Rental Management System signing.php sql injection — House Rental Management System | 7.3 | High | 2024-02-23 |
| CVE-2024-1821 | code-projects Crime Reporting System police_add.php sql injection — Crime Reporting System | 5.5 | Medium | 2024-02-23 |
| CVE-2024-1820 | code-projects Crime Reporting System inchargelogin.php sql injection — Crime Reporting System | 7.3 | High | 2024-02-23 |
| CVE-2024-25928 | WordPress Sitepact's Contact Form 7 Extension For Klaviyo Plugin <= 1.0.5 is vulnerable to SQL Injection — Sitepact | 7.1 | High | 2024-02-23 |
| CVE-2024-1776 | Admin side data storage for Contact Form 7 <= 1.1.1 - Authenticated (Admin+) SQL Injection — Admin side data storage for Contact Form 7 | 7.2 | High | 2024-02-23 |
| CVE-2024-1784 | Limbas main_admin.php sql injection — Limbas | 3.9 | Low | 2024-02-23 |
| CVE-2024-1702 | keerti1924 PHP-MYSQL-User-Login-System edit.php sql injection — PHP-MYSQL-User-Login-System | 6.3 | Medium | 2024-02-21 |
| CVE-2024-1317 | RSS Aggregator by Feedzy <= 4.4.2 - Authenticated(Contributor+) SQL Injection — RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator | 8.8 | High | 2024-02-20 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)) represent 8873 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.