Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8845

8845 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-0747 Infographic Maker - iList < 4.3.8 - Unauthenticated SQL Injection — Infographic Maker – iList 9.8 -2022-03-21
CVE-2022-0739 BookingPress < 1.0.11 - Unauthenticated SQL Injection — BookingPress – Appointments Booking Calendar Plugin and Online Scheduling Plugin 9.8 -2022-03-21
CVE-2022-0694 Advanced Booking Calendar < 1.7.0 - Unauthenticated SQL Injection — Advanced Booking Calendar 9.8 -2022-03-21
CVE-2022-25607 WordPress FV Flowplayer Video Player plugin <= 7.5.15.727 - SQL Injection (SQLi) vulnerability — FV Flowplayer Video Player (WordPress plugin) 6.6 Medium2022-03-18
CVE-2022-0757 Rapid7 Nexpose SQL Injection — Nexpose 5.5 Medium2022-03-17
CVE-2022-24752 SQL Injection through sorting parameters in SyliusGridBundle — SyliusGridBundle 9.8 Critical2022-03-15
CVE-2022-22735 Simple Quotation <= 1.3.2 - Subscriber+ SQL injection — Simple Quotation 8.8 -2022-03-14
CVE-2022-0658 CommonsBooking < 2.6.8 - Unauthenticated SQL Injection — CommonsBooking 9.8 -2022-03-14
CVE-2022-0478 Event Manager for WooCommerce < 3.5.8 - Contributor+ SQL Injection — Event Manager and Tickets Selling Plugin for WooCommerce 8.8 -2022-03-14
CVE-2022-0254 Zero Spam < 5.2.11 - Admin+ SQL Injection — WordPress Zero Spam 7.2 -2022-03-14
CVE-2022-0169 Photo Gallery by 10Web < 1.6.0 - Unauthenticated SQL Injection — Photo Gallery by 10Web – Mobile-Friendly Image Gallery 9.8 -2022-03-14
CVE-2021-25007 MOLIE <= 0.5 - Authenticated SQL Injection — MOLIE – Instructure Canvas Linking tool 7.2 -2022-03-14
CVE-2021-24959 WP Email Users <= 1.7.6 - Subscriber+ SQL Injection — WP Email Users 8.8 -2022-03-14
CVE-2021-32474 Moodle SQL注入漏洞 — moodle 7.2 -2022-03-11
CVE-2022-0507 Vulnerability: Authenticated SQL Injection in API — Pandora FMS 5.8 Medium2022-03-09
CVE-2022-24281 Siemens SINEC NMS SQL注入漏洞 — SINEC NMS 7.2 High2022-03-08
CVE-2022-0754 SQL Injection in salesagility/suitecrm — salesagility/suitecrm 6.5 -2022-03-07
CVE-2022-0434 Page Views Count < 2.4.15 - Unauthenticated SQL Injection — Page View Count 9.8 -2022-03-07
CVE-2022-0420 RegistrationMagic < 5.0.2.2 - Admin+ SQL Injection — RegistrationMagic – Custom Registration Forms, User Registration and User Login Plugin 7.2 -2022-03-07
CVE-2022-0410 WP Visitor Statistics (Real Time Traffic) < 5.6 - Subscriber+ SQL Injection — WP Visitor Statistics (Real Time Traffic) 8.8 -2022-03-07
CVE-2022-0349 NotificationX < 2.3.9 - Unauthenticated Blind SQL Injection — NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor 9.8 -2022-03-07
CVE-2022-0267 AdRotate < 5.8.22 - Admin+ SQL Injection — AdRotate – Ad manager & AdSense Ads 7.2 -2022-03-07
CVE-2021-24952 Conversios.io < 4.6.2 - Subscriber+ SQL Injection — Conversios.io – Google Analytics and Google Shopping plugin for WooCommerce 8.8 -2022-03-07
CVE-2021-24778 Tradetracker-Store < 4.6.60 - Admin+ SQL Injection — Tradetracker-Store 7.2 -2022-03-07
CVE-2021-24777 Hotscot Contact Form < 1.3 - Admin+ SQL Injection — Hotscot Contact Form 7.2 -2022-03-07
CVE-2021-23214 PostgreSQL SQL注入漏洞 — postgresql 8.1 -2022-03-04
CVE-2022-23911 AP Custom Testimonial < 1.4.8 - Admin+ SQL Injection — Testimonial WordPress Plugin – AP Custom Testimonial 7.2 -2022-02-28
CVE-2022-0412 TI WooCommerce Wishlist < 1.40.1 - Unauthenticated Blind SQL Injection — TI WooCommerce Wishlist 9.8 -2022-02-28
CVE-2022-0411 Asgaros Forum < 2.0.0 - Subscriber+ Blind SQL Injection — Asgaros Forum 8.8 -2022-02-28
CVE-2022-0383 WP Review Slider < 11.0 - Admin+ SQL Injection — WP Review Slider 7.2 -2022-02-28

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8845 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.