Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8873

8873 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-47568 QTS, QuTS hero, QuTScloud — QTS 8.8 High2024-02-02
CVE-2024-0269 SQL Injection — ADAudit Plus 8.3 High2024-02-02
CVE-2024-0253 SQL Injection — ADAudit Plus 8.3 High2024-02-02
CVE-2024-0685 Ninja Forms Contact Form <= 3.7.1 - Unauthenticated Second Order SQL Injection — Ninja Forms – The Contact Form Builder That Grows With You 5.9 Medium2024-02-02
CVE-2024-24572 facileManager Authenticated Variable Manipulation leading to SQL Injection — facileManager 6.5 Medium2024-01-31
CVE-2024-23507 WordPress InstaWP Connect plugin <= 0.1.0.9 - SQL Injection vulnerability — InstaWP Connect 8.5 High2024-01-31
CVE-2024-1012 Wanhu ezOFFICE wf_printnum.jsp sql injection — ezOFFICE 6.3 Medium2024-01-31
CVE-2024-1061 WordPress Plugin HTML5 Video Player SQL注入漏洞 8.6 High2024-01-30
CVE-2024-1009 SourceCodester Employee Management System login.php sql injection — Employee Management System 7.3 High2024-01-29
CVE-2024-1007 SourceCodester Employee Management System edit_profile.php sql injection — Employee Management System 6.3 Medium2024-01-29
CVE-2024-22147 WordPress WooCommerce PDF Invoices & Packing Slips Plugin <= 3.7.5 is vulnerable to SQL Injection — PDF Invoices & Packing Slips for WooCommerce 7.6 High2024-01-26
CVE-2024-22283 WordPress Delhivery Logistics Courier Plugin <= 1.0.107 is vulnerable to SQL Injection — Delhivery Logistics Courier 8.5 High2024-01-26
CVE-2024-0941 Novel-Plus list sql injection — Novel-Plus 5.5 Medium2024-01-26
CVE-2024-0938 Tongda OA 2017 delete_webmail.php sql injection — OA 2017 5.5 Medium2024-01-26
CVE-2024-0890 hongmaple octopus edit sql injection — octopus 6.3 Medium2024-01-25
CVE-2024-0884 SourceCodester Online Tours & Travels Management System payment.php exec sql injection — Online Tours & Travels Management System 4.7 Medium2024-01-25
CVE-2024-0883 SourceCodester Online Tours & Travels Management System pay.php prepare sql injection — Online Tours & Travels Management System 6.3 Medium2024-01-25
CVE-2024-23646 Pimcore Admin Classic Bundle SQL Injection in Admin download files as zip — admin-ui-classic-bundle 8.8 High2024-01-24
CVE-2024-0784 hongmaple octopus list sql injection — octopus 6.3 Medium2024-01-22
CVE-2024-0735 SourceCodester Online Tours & Travels Management System expense.php exec sql injection — Online Tours & Travels Management System 6.3 Medium2024-01-19
CVE-2024-0734 Smsot get.php sql injection — Smsot 6.3 Medium2024-01-19
CVE-2024-0733 Smsot HTTP POST Request api.php sql injection — Smsot 6.3 Medium2024-01-19
CVE-2024-0730 Project Worlds Online Time Table Generator course_ajax.php sql injection — Online Time Table Generator 6.3 Medium2024-01-19
CVE-2024-0729 ForU CMS cms_admin.php sql injection — CMS 5.5 Medium2024-01-19
CVE-2024-0705 Stripe Payment Plugin for WooCommerce <= 3.7.9 - Unauthenticated SQL Injection — Payment Gateway of Stripe for WooCommerce 9.8 Critical2024-01-19
CVE-2023-5806 SQLi in Mergen Soft Quality Management System — Quality Management System 9.8 Critical2024-01-18
CVE-2024-0655 Novel-Plus list sql injection — Novel-Plus 5.5 Medium2024-01-18
CVE-2024-0651 PHPGurukul Company Visitor Management System search-visitor.php sql injection — Company Visitor Management System 6.3 Medium2024-01-18
CVE-2023-20271 Cisco Evolved Programmable Network Manager 安全漏洞 — Cisco Prime Infrastructure 6.5 Medium2024-01-17
CVE-2024-0405 Burst Statistics Really Simple Plugins <= 1.5.3 - Authenticated (Editor+) SQL Injection — Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative) 7.2 High2024-01-17

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8873 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.