CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8850

8850 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2022-1531 | SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in rtxteam/rtx — rtxteam/rtx | 9.8 | - | 2022-04-29 |
| CVE-2022-29411 | WordPress Hermit 音乐播放器 plugin <= 3.1.6 - Unauthenticated SQL Injection (SQLi) vulnerability — Hermit 音乐播放器 (WordPress plugin) | 8.3 | High | 2022-04-28 |
| CVE-2022-29410 | WordPress Hermit 音乐播放器 plugin <= 3.1.6 - Authenticated SQL Injection (SQLi) vulnerability — Hermit 音乐播放器 (WordPress plugin) | 7.4 | High | 2022-04-28 |
| CVE-2022-29419 | WordPress 3xSocializer plugin <= 0.98.22 - Authenticated SQL Injection (SQLi) vulnerability — 3xSocializer (WordPress plugin) | 6.0 | Medium | 2022-04-25 |
| CVE-2022-0782 | Donations <= 1.8 - Unauthenticated SQLi — Donations | 9.8 | - | 2022-04-25 |
| CVE-2022-0769 | Users Ultra <= 3.1.0 - Unauthenticated SQL Injection — Users Ultra Membership, Users Community and Member Profiles With PayPal Integration Plugin | 9.8 | - | 2022-04-25 |
| CVE-2022-0693 | Master Elements <= 8.0 - Unauthenticated SQLi — Master Elements | 9.8 | - | 2022-04-25 |
| CVE-2022-0657 | 5 Stars Rating Funnel < 1.2.53 - Unauthenticated SQLi — 5 Stars Rating Funnel WordPress Plugin \| RRatingg | 9.8 | - | 2022-04-25 |
| CVE-2021-24957 | Advanced Page Visit Counter < 6.1.6 - Subscriber+ Blind SQL injection — Advanced Page Visit Counter – Advanced WordPress Visit Counter | 8.8 | - | 2022-04-25 |
| CVE-2022-1429 | SQL injection in GridHelperService.php in pimcore/pimcore — pimcore/pimcore | 7.5 | - | 2022-04-22 |
| CVE-2022-20786 | Cisco Unified Communications Manager IM & Presence Service SQL Injection Vulnerability — Cisco Unified Communications Manager IM and Presence Service | 5.4 | Medium | 2022-04-21 |
| CVE-2022-0785 | Daily Prayer Time < 2022.03.01 - Unauthenticated SQLi — Daily Prayer Time | 9.8 | - | 2022-04-18 |
| CVE-2020-13590 | Rukovoditel SQL injection vulnerability — Project Management App | 8.8 | - | 2022-04-18 |
| CVE-2020-13567 | phpGACL SQL injection vulnerability — OpenEMR | 9.8 | - | 2022-04-18 |
| CVE-2022-22149 | Lansweeper SQL injection vulnerability — lansweeper | 8.8 | - | 2022-04-14 |
| CVE-2022-21234 | Lansweeper SQL injection vulnerability — lansweeper | 8.8 | - | 2022-04-14 |
| CVE-2022-21210 | Lansweeper SQL injection vulnerability — lansweeper | 8.8 | - | 2022-04-14 |
| CVE-2022-1258 | SQL injection vulnerability in McAfee Agent's ePO extension — McAfee Agent ePO extension | 8.4 | High | 2022-04-14 |
| CVE-2022-24844 | SQL Injection in github.com/flipped-aurora/gin-vue-admin — gin-vue-admin | 8.1 | High | 2022-04-13 |
| CVE-2022-27479 | SQL injection vulnerability in chart data API — Apache Superset | 9.8 | - | 2022-04-13 |
| CVE-2022-1339 | SQL injection in ElementController.php in pimcore/pimcore — pimcore/pimcore | 7.5 | - | 2022-04-13 |
| CVE-2022-24827 | SQL Injection in elide-datastore-aggregation — elide | 8.1 | High | 2022-04-11 |
| CVE-2022-24815 | SQL Injection when creating an application with Reactive SQL backend — generator-jhipster | 8.1 | High | 2022-04-11 |
| CVE-2022-1023 | Podcast Importer SecondLine < 1.3.8 - Admin+ SQLi — Podcast Importer SecondLine | 9.8 | - | 2022-04-11 |
| CVE-2022-1006 | Advanced Booking Calendar < 1.7.1 - Admin+ SQLi — Advanced Booking Calendar | 7.2 | - | 2022-04-11 |
| CVE-2022-0949 | WP Block and Stop Bad Bots < 6.930 - Unauthenticated SQLi — Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection | 9.8 | - | 2022-04-11 |
| CVE-2022-1219 | SQL injection in RecyclebinController.php in pimcore/pimcore — pimcore/pimcore | 7.5 | - | 2022-04-08 |
| CVE-2022-23972 | ASUS RT-AX56U - SQL Injection — RT-AX56U | 8.8 | High | 2022-04-07 |
| CVE-2022-0887 | Easy Social Icons < 3.1.4 - Admin+ SQL Injection — Easy Social Icons | 7.2 | - | 2022-04-04 |
| CVE-2021-32957 | MDT AutoSave Uncontrolled Search Path Element — MDT AutoSave | 7.5 | High | 2022-04-01 |

8850 CVEs are classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.