CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8873

8873 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-39359	Authenticated SQL injection vulnerability in graphs.php in Cacti — cacti	8.8	High	2023-09-05
CVE-2023-39361	Unauthenticated SQL Injection in graph_view.php in Cacti — cacti	9.8	Critical	2023-09-05
CVE-2023-4531	SQLi in Mestavs E-commerce Software — E-commerce Software	9.8	Critical	2023-09-05
CVE-2023-4034	SQLi in Smartrise Document Management System — Smartrise Document Management System	9.8	Critical	2023-09-05
CVE-2023-3616	SQLi in Mava Softwares Hotel Management System — Hotel Management System	9.8	Critical	2023-09-05
CVE-2023-35072	SQLi in Coyav Travels Proagent — Proagent	9.8	Critical	2023-09-05
CVE-2023-35068	SQLi in BMAs Personnel Tracking System — Personnel Tracking System	9.8	Critical	2023-09-05
CVE-2023-35065	SQLi in Osofts Paint Production Management — Paint Production Management	9.8	Critical	2023-09-05
CVE-2023-4747	DedeCMS tags.php sql injection — DedeCMS	6.3	Medium	2023-09-04
CVE-2023-4745	Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform importexport.php sql injection — Smart S45F Multi-Service Secure Gateway Intelligent Management Platform	6.3	Medium	2023-09-03
CVE-2023-4742	IBOS OA export&uid=X sql injection — OA	6.3	Medium	2023-09-03
CVE-2023-4741	IBOS OA Delete Logs del sql injection — OA	6.3	Medium	2023-09-03
CVE-2023-4740	IBOS OA Delete Draft delDraft&archiveId=0 sql injection — OA	6.3	Medium	2023-09-03
CVE-2023-39980	MXsecurity Authenticated Information Disclosure Due to SQL Injection — MXsecurity Series	7.1	High	2023-09-02
CVE-2023-4713	IBOS OA addcomment addComment sql injection — OA	5.5	Medium	2023-09-01
CVE-2023-4712	Xintian Smart Table Integrated Management System AddUpdateRole.aspx sql injection — Smart Table Integrated Management System	5.5	Medium	2023-09-01
CVE-2023-4708	Infosoftbd Clcknshop GET Parameter all sql injection — Clcknshop	6.3	Medium	2023-09-01
CVE-2023-31171	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') — SEL-5030 acSELerator QuickSet Software	5.9	Medium	2023-08-31
CVE-2023-2188	Colibri Page Builder <= 1.0.227 - Authenticated (Administrator+) SQL Injection via post_id — Colibri Page Builder	7.2	High	2023-08-31
CVE-2023-3677	WooCommerce PDF Invoice Builder <= 1.2.89 - Authenticated (Subscriber+) SQL Injection via Export — PDF Builder for WooCommerce. Create invoices,packing slips and more	8.8	High	2023-08-31
CVE-2023-2229	Quick Post Duplicator <= 2.0 - Authenticated (Contributor+) SQL Injection via post_id — Quick Post Duplicator	8.8	High	2023-08-31
CVE-2023-33852	IBM Security Guardium SQL injection — Security Guardium	7.6	High	2023-08-27
CVE-2023-4558	SourceCodester Inventory Management System staff_data.php sql injection — Inventory Management System	6.3	Medium	2023-08-27
CVE-2023-4557	SourceCodester Inventory Management System search_purchase_paymen_report.php sql injection — Inventory Management System	6.3	Medium	2023-08-27
CVE-2023-4556	SourceCodester Online Graduate Tracer System sexit.php mysqli_query sql injection — Online Graduate Tracer System	6.3	Medium	2023-08-27
CVE-2023-4548	SPA-Cart eCommerce CMS GET Parameter search sql injection — eCommerce CMS	6.3	Medium	2023-08-26
CVE-2023-4545	IBOS OA export&checkids=x sql injection — OA	6.3	Medium	2023-08-26
CVE-2023-4543	IBOS OA export&contactids=x sql injection — OA	6.3	Medium	2023-08-25
CVE-2023-4449	SourceCodester Free and Open Source Inventory Management System sql injection — Free and Open Source Inventory Management System	6.3	Medium	2023-08-21
CVE-2023-4447	OpenRapid RapidCMS article-chat.php sql injection — RapidCMS	6.3	Medium	2023-08-21

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8873 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8873