CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8873

8873 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-1206	WP Recipe Maker <= 9.1.2 - Missing Authorization to Authenticated (Subscriber+) SQL Injecton — WP Recipe Maker	8.8	High	2024-02-20
CVE-2024-1597	pgjdbc SQL Injection via line comment generation — pgjdbc	10.0	Critical	2024-02-19
CVE-2024-0610	Piraeus Bank WooCommerce Payment Gateway <= 1.6.5.1 - Unauthenticated SQL Injection — Piraeus Bank WooCommerce Payment Gateway	9.8	Critical	2024-02-17
CVE-2024-1512	MasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.2.5 - Unauthenticated SQL Injection — MasterStudy LMS WordPress Plugin – for Online Courses and Education	9.8	Critical	2024-02-17
CVE-2024-21775	SQL Injection — Exchange Reporter Plus	8.3	High	2024-02-16
CVE-2023-5155	SQLi in Utarit's Smart Deposit System — SoliPay Mobile App	9.8	Critical	2024-02-15
CVE-2023-7081	SQLi in PosTahsil's Online Payment System — Online Payment System	9.8	Critical	2024-02-15
CVE-2024-1530	ECshop view_sendlist.php sql injection — ECshop	6.3	Medium	2024-02-15
CVE-2024-26264	EBM Technologies RISWEB - SQL Injection — RISWEB	9.8	Critical	2024-02-15
CVE-2024-26262	EBM Technologies Uniweb/SoliPACS WebServer - SQL Injection — Uniweb/SoliPACS WebServer	8.8	High	2024-02-15
CVE-2024-1523	EC-WEB FS-EZViewer(Web) - SQL Injection — FS-EZViewer(Web)	8.8	High	2024-02-15
CVE-2024-23603	BIG-IP Advanced WAF and ASM Configuration utility vulnerability — BIG-IP	3.8	Low	2024-02-14
CVE-2023-6441	SQLi in UNI-PA's University Information System — University Information System	9.8	Critical	2024-02-14
CVE-2023-44294	Dell EMC Secure Connect Gateway SQL注入漏洞 — Secure Connect Gateway-Application	5.4	Medium	2024-02-14
CVE-2023-44293	Dell EMC Secure Connect Gateway SQL注入漏洞 — Secure Connect Gateway-Application	5.4	Medium	2024-02-14
CVE-2024-23810	Siemens SINEC NMS SQL注入漏洞 — SINEC NMS	8.8	High	2024-02-13
CVE-2024-22221	Dell Unity SQL注入漏洞 — Unity	4.5	Medium	2024-02-12
CVE-2024-0594	Awesome Support – WordPress HelpDesk & Support Plugin <= 6.1.7 - Authenticated (Subscriber+) SQL Injection — Awesome Support – WordPress HelpDesk & Support Plugin	8.8	High	2024-02-10
CVE-2023-6677	SQLi in Oduyo Online Collection Software — Online Collection	9.8	Critical	2024-02-09
CVE-2024-1207	Booking Calendar <= 9.9 - Unauthenticated SQL Injection — Booking Calendar	9.8	Critical	2024-02-08
CVE-2024-24811	Products.SQLAlchemyDA vulnerable to unauthenticated arbitrary SQL query execution — Products.SQLAlchemyDA	9.8	Critical	2024-02-07
CVE-2024-1118	Podlove Subscribe button <= 1.3.10 - Authenticated (Contributor+) SQL Injection — Podlove Subscribe button	8.8	High	2024-02-07
CVE-2024-0971	Nessus SQL注入漏洞 — Nessus	6.5	Medium	2024-02-06
CVE-2024-1254	Byzoro Smart S20 Management Platform sysmanageajax.php sql injection — Smart S20 Management Platform	4.7	Medium	2024-02-06
CVE-2024-1252	Tongda OA 2017 delete.php sql injection — OA 2017	5.5	Medium	2024-02-06
CVE-2023-35188	SQL Injection Remote Code Execution Vulnerability — SolarWinds Platform	8.0	High	2024-02-06
CVE-2024-1251	Tongda OA 2017 delete.php sql injection — OA 2017	5.5	Medium	2024-02-06
CVE-2023-50395	SQL Injection Remote Code Execution Vulnerability — SolarWinds Platform	8.0	High	2024-02-06
CVE-2019-25159	mpedraza2020 Intranet del Monterroso cargos.php sql injection — Intranet del Monterroso	5.5	Medium	2024-02-04
CVE-2024-1197	SourceCodester Testimonial Page Manager HTTP GET Request delete-testimonial.php sql injection — Testimonial Page Manager	7.3	High	2024-02-02

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8873 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8873