Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8868

8868 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-3023 WP EasyCart <= 5.4.10 - Authenticated (Administrator+) SQL Injection via 'orderby' — Shopping Cart & eCommerce Store 7.2 High2023-07-12
CVE-2023-3624 Nesote Inout Blockchain FiatExchanger POST Parameter update_marketboxslider sql injection — Inout Blockchain FiatExchanger 6.3 Medium2023-07-11
CVE-2023-3621 IBOS OA Delete Packet delete createDeleteCommand sql injection — OA 6.3 Medium2023-07-11
CVE-2023-3619 SourceCodester AC Repair and Services System HTTP POST Request sql injection — AC Repair and Services System 6.3 Medium2023-07-11
CVE-2023-3617 SourceCodester Best POS Management System Login Page admin_class.php sql injection — Best POS Management System 7.3 High2023-07-11
CVE-2016-15034 Dynacase Webdesk freedomrss_search.php freedomrss_search sql injection — Webdesk 5.5 Medium2023-07-10
CVE-2023-29095 WordPress RSVPMarker Plugin < 10.5.5 is vulnerable to SQL Injection — RSVPMaker 7.6 High2023-07-10
CVE-2023-2046 SQLi in Yontem Vehicle TrackingSsystem — Vehicle Tracking System 9.8 Critical2023-07-09
CVE-2023-2852 SQLi in SoftMed's SelfPatron — SelfPatron 9.8 Critical2023-07-09
CVE-2023-3045 SQLi in Tise Technology's Parking Web Report — Parking Web Report 9.8 Critical2023-07-09
CVE-2023-37270 Piwigo SQL Injection vulnerability in "User-Agent" — Piwigo 7.6 High2023-07-07
CVE-2023-3534 SourceCodester Shopping Website check_availability.php sql injection — Shopping Website 6.3 Medium2023-07-07
CVE-2023-3528 ThinuTech ThinuCMS category.php sql injection — ThinuCMS 6.3 Medium2023-07-06
CVE-2023-22319 Milesight VPN SQL注入漏洞 — MilesightVPN 7.3 High2023-07-06
CVE-2023-36813 Kanboard Authenticated SQL Injections vulnerability — kanboard 7.1 High2023-07-05
CVE-2023-36808 GLPI vulnerable to SQL injection through Computer Virtual Machine information — glpi 8.6 High2023-07-05
CVE-2023-35924 GLPI vulnerable to SQL injection via inventory agent request — glpi 8.6 High2023-07-05
CVE-2023-3502 SourceCodester Shopping Website search-result.php sql injection — Shopping Website 6.3 Medium2023-07-04
CVE-2023-3490 SQL Injection in fossbilling/fossbilling — fossbilling/fossbilling 6.5 -2023-06-30
CVE-2023-3478 IBOS OA Add User edit&op=member actionEdit sql injection — OA 4.7 Medium2023-06-30
CVE-2023-3473 Campcodes Retro Cellphone Online Store edit_product.php sql injection — Retro Cellphone Online Store 4.7 Medium2023-06-30
CVE-2023-3458 SourceCodester Shopping Website forgot-password.php sql injection — Shopping Website 6.3 Medium2023-06-29
CVE-2023-3457 SourceCodester Shopping Website index.php sql injection — Shopping Website 6.3 Medium2023-06-29
CVE-2023-3449 IBOS OA Interview Management Export export&interviews=x actionExport sql injection — OA 5.5 Medium2023-06-28
CVE-2023-34418 Lenovo XClarity Administrator SQL注入漏洞 — Lenovo XClarity Administrator 8.1 High2023-06-26
CVE-2023-3396 Campcodes Retro Cellphone Online Store index.php sql injection — Retro Cellphone Online Store 6.3 Medium2023-06-25
CVE-2023-3197 MStore API <= 4.0.1 - Unauthenticated SQL Injection — MStore API – Create Native Android & iOS Apps On The Cloud 9.8 Critical2023-06-24
CVE-2023-3391 SourceCodester Human Resource Management System detailview.php sql injection — Human Resource Management System 6.3 Medium2023-06-23
CVE-2022-47614 WordPress MStore API Plugin <= 3.9.7 is vulnerable to SQL Injection — MStore API 7.5 High2023-06-23
CVE-2023-3383 SourceCodester Game Result Matrix System GET Parameter athlete-profile.php sql injection — Game Result Matrix System 6.3 Medium2023-06-23

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8868 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.