CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8861

8861 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-41133	Delta Electronics DIAEnergie — DIAEnergie	8.8	High	2022-10-27
CVE-2022-41773	Delta Electronics DIAEnergie — DIAEnergie	8.8	High	2022-10-27
CVE-2022-40967	Delta Electronics DIAEnergie — DIAEnergie	8.8	High	2022-10-27
CVE-2022-3671	SourceCodester eLearning System manage.php sql injection — eLearning System	6.3	Medium	2022-10-26
CVE-2022-2421	Socket.io - Improper type validation in attachment parsing — Socket.io-Parser	10.0	Critical	2022-10-25
CVE-2022-2422	Feathers - SQL injection via attribute aliases — Feathers-Sequalize	10.0	Critical	2022-10-25
CVE-2022-29822	Feathers - Improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection — Feathers-Sequalize	10.0	Critical	2022-10-25
CVE-2022-3246	Blog2Social < 6.9.10 - Subscriber+ SQLi — Blog2Social: Social Media Auto Post & Scheduler	8.8	-	2022-10-25
CVE-2022-3300	Form Maker by 10Web < 1.15.6 - Admin+ SQLI — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder	7.2	-	2022-10-25
CVE-2022-3302	Anti-Spam by CleanTalk < 5.185.1 - Admin+ SQLi — Spam protection, AntiSpam, FireWall by CleanTalk	7.2	-	2022-10-25
CVE-2022-3395	WP All Export Pro < 1.7.9 - Authenticated SQLi — WP All Export Pro	8.8	-	2022-10-25
CVE-2022-39056	Changing Information Technology Inc. RAVA certificate validation system - SQL Injection — RAVA certificate validation system	9.8	Critical	2022-10-18
CVE-2022-3131	Search Logger <= 0.9 - Admin+ SQLi — Search Logger – Know What Your Visitors Search	7.2	-	2022-10-17
CVE-2022-3158	Rockwell Automation Factory Talk VantagePoint SQL注入漏洞 — FactoryTalk VantagePoint	8.8	-	2022-10-17
CVE-2022-3243	Import all XML, CSV & TXT into WordPress < 6.5.8 - Admin+ SQLi — Import all XML, CSV & TXT into WordPress	7.2	-	2022-10-17
CVE-2022-39303	Ree6 vulnerable to SQL Injection — Ree6	8.1	High	2022-10-13
CVE-2022-36961	Orion Platform SQL Injection Privilege Escalation Vulnerability — Orion Platform	8.8	High	2022-09-30
CVE-2021-43362	MedData HBYS 1.0 Remote SQL Injection Vulnerability — HBYS	9.9	Critical	2022-09-29
CVE-2021-43361	MedData HBYS 1.0 Remote SQL Injection Vulnerability — HBYS	9.9	Critical	2022-09-29
CVE-2022-28815	SQL-Injection in Carlo Gavazzi UWP 3.0 Sentilo Proxy — UWP 3.0 Monitoring Gateway and Controller	2.7	Low	2022-09-28
CVE-2022-22524	SQL-injection in Carlo Gavazzi UWP 3.0 allows for full database access — UWP 3.0 Monitoring Gateway and Controller	9.4	Critical	2022-09-28
CVE-2022-28813	SQL-injection in Car Park Server 3.0 allows for full database access. — UWP 3.0 Monitoring Gateway and Controller	7.5	High	2022-09-28
CVE-2022-32211	Rocket.Chat SQL注入漏洞 — Rocket.Chat	8.8	-	2022-09-23
CVE-2022-0495	SQL Injection in KOHA — Parantez Teknoloji	9.4	Critical	2022-09-21
CVE-2022-2315	SQL Injection in Database Accreditation System — Database Software	9.4	Critical	2022-09-21
CVE-2022-2177	SQL Injection in Kayrasoft — Kayrasoft	9.4	Critical	2022-09-20
CVE-2022-2958	BadgeOS < 3.7.1.3 - Subscriber+ SQLi — BadgeOS	8.8	-	2022-09-19
CVE-2022-2754	Ketchup Restaurant Reservations <= 1.0.0 - Unauthenticated Blind SQLi — Ketchup Restaurant Reservations	9.8	-	2022-09-19
CVE-2022-2840	Zephyr Project Manager < 3.2.5 - Multiple Unauthenticated SQLi — Zephyr Project Manager	9.8	-	2022-09-19
CVE-2022-3141	Translatepress Multilinugal < 2.3.3 - Admin+ SQLi — Translate Multilingual sites – TranslatePress	8.8	-	2022-09-19

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8861 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8861