
CWE-89 (Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)) — Vulnerability Class 8845

8845 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-24864 | WP Cloudy < 4.4.9 - Admin+ SQL Injection — WP Cloudy, weather plugin | 8.8 | - | 2022-02-28 |
| CVE-2021-24704 | Orange Form <= 1.0 - SQL Injection via CSRF — Orange Form | 6.8 | - | 2022-02-28 |
| CVE-2022-25149 | WP Statistics <= 13.1.5 Unauthenticated Blind SQL Injection via IP — WP Statistics | 9.8 | Critical | 2022-02-24 |
| CVE-2022-0651 | WP Statistics <= 13.1.5 Unauthenticated Blind SQL Injection via current_page_type — WP Statistics | 9.8 | Critical | 2022-02-24 |
| CVE-2022-25148 | WP Statistics <= 13.1.5 Unauthenticated Blind SQL Injection via current_page_id — WP Statistics | 9.8 | Critical | 2022-02-24 |
| CVE-2022-24707 | SQL injection in anuko timetracker — timetracker | 7.4 | High | 2022-02-23 |
| CVE-2022-0255 | Database Backup for WordPress < 2.5.1 - Admin+ SQL Injection — Database Backup for WordPress | 7.2 | - | 2022-02-21 |
| CVE-2022-0228 | Popup Builder < 4.0.7 - Admin+ SQL Injection — Popup Builder – Create highly converting, mobile friendly marketing popups. | 7.2 | - | 2022-02-21 |
| CVE-2021-4208 | ExportFeed <= 2.0.1.0 - Admin+ SQL Injection — ExportFeed: List WooCommerce Products on eBay Store | 7.2 | - | 2022-02-21 |
| CVE-2021-25069 | WordPress Download Manager < 3.2.34 - Authenticated SQL Injection to Reflected XSS — Download Manager | 9.8 | - | 2022-02-21 |
| CVE-2020-8242 | Packet Tide ExpressionEngine Security Vulnerability — ExpressionEngine | 7.2 | - | 2022-02-18 |
| CVE-2022-21176 | Airspan Networks Mimosa SQL Injection — MMP | 8.6 | High | 2022-02-18 |
| CVE-2021-4134 | Fancy Product Designer <= 4.7.4 Admin+ SQL Injection — Fancy Product Designer | 7.2 | High | 2022-02-16 |
| CVE-2022-0513 | WP Statistics <= 13.1.4 Unauthenticated Blind SQL Injection via exclusion_reason — WP Statistics | 9.8 | Critical | 2022-02-16 |
| CVE-2022-0190 | Ad Invalid Click Protector (AICP) < 1.2.6 - Authenticated SQL Injection — Ad Invalid Click Protector (AICP) | 8.8 | - | 2022-02-14 |
| CVE-2021-25109 | Futurio Extra < 1.6.3 - Authenticated SQL Injection — Futurio Extra | 2.7 | - | 2022-02-14 |
| CVE-2022-22540 | SAP NetWeaver AS SQL Injection Vulnerability — SAP NetWeaver AS ABAP (Workplace Server) | 7.5 | - | 2022-02-09 |
| CVE-2021-25114 | Paid Memberships Pro < 2.6.7 - Unauthenticated Blind SQL Injection — Paid Memberships Pro | 9.8 | - | 2022-02-07 |
| CVE-2021-24928 | Rearrange Woocommerce Products < 3.0.8 - Subscriber+ SQL Injection — Rearrange Woocommerce Products | 7.1 | - | 2022-02-07 |
| CVE-2021-43927 | Synology DiskStation Manager SQL Injection Vulnerability — DiskStation Manager (DSM) | 4.7 | Medium | 2022-02-07 |
| CVE-2021-43926 | Synology DiskStation Manager SQL Injection Vulnerability — DiskStation Manager (DSM) | 4.7 | Medium | 2022-02-07 |
| CVE-2021-43925 | Synology DiskStation Manager SQL Injection Vulnerability — DiskStation Manager (DSM) | 4.7 | Medium | 2022-02-07 |
| CVE-2021-44779 | WordPress [GWA] AutoResponder plugin <= 2.3 - Unauthenticated SQL Injection (SQLi) vulnerability — [GWA] AutoResponder (WordPress plugin) | 7.3 | High | 2022-02-04 |
| CVE-2021-24762 | Perfect Survey < 1.5.2 - Unauthenticated SQL Injection — Perfect Survey | 9.8 | - | 2022-02-01 |
| CVE-2022-0362 | SQL Injection in star7th/showdoc — star7th/showdoc | 8.8 | - | 2022-01-26 |
| CVE-2021-36348 | Dell EMC iDRAC Injection Vulnerability — Integrated Dell Remote Access Controller (iDRAC) | 8.1 | - | 2022-01-25 |
| CVE-2022-0332 | Moodle SQL Injection Vulnerability — moodle | 9.8 | - | 2022-01-25 |
| CVE-2021-43863 | SQL Injection in FileContentProvider (GHSL-2021-1007) — android | 7.5 | High | 2022-01-25 |
| CVE-2021-4088 | Blind SQL injection in DLP ePO extension — McAfee Data Loss Prevention (DLP) ePO Extension | 8.4 | High | 2022-01-24 |
| CVE-2021-25076 | WP User Frontend < 3.5.26 - SQL Injection to Reflected Cross-Site Scripting — WP User Frontend – Membership, Profile, Registration & Post Submission Plugin for WordPress | 8.8 | - | 2022-01-24 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)) represent 8845 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.