Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8841

8841 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-24391 Cashtomer <= 1.0.0 - Authenticated SQL Injection — Cashtomer 7.2 -2021-09-06
CVE-2021-24390 Alipay <= 3.7.2 - Authenticated SQL Injection — WordPress支付宝Alipay|财付通Tenpay|贝宝PayPal集成插件 7.2 -2021-09-06
CVE-2021-24303 JiangQie Official Website Mini Program < 1.1.1 - Authenticated SQL Injection — JiangQie Official Website Mini Program 7.2 -2021-09-06
CVE-2021-38390 Delta Electronics DIAEnergie SQL注入漏洞 — Delta Electronics DIAEnergie 9.8 -2021-08-30
CVE-2021-32983 Delta Electronics DIAEnergie SQL注入漏洞 — Delta Electronics DIAEnergie 9.8 -2021-08-30
CVE-2021-38393 Delta Electronics DIAEnergie SQL注入漏洞 — Delta Electronics DIAEnergie 9.8 -2021-08-30
CVE-2021-38391 Delta Electronics DIAEnergie SQL注入漏洞 — Delta Electronics DIAEnergie 9.8 -2021-08-30
CVE-2021-24580 Side Menu Lite < 2.2.6 - Authenticated SQL Injection — Side Menu Lite - add sticky fixed buttons 7.2 -2021-08-30
CVE-2021-24557 M-vSlider <= 2.1.3 - Authenticated (admin+) SQL Injection — M-vSlider 7.2 -2021-08-23
CVE-2021-24554 Paytm - Donation Plugin <= 1.3.2 - Authenticated (admin+) SQL Injection — Paytm – Donation Plugin 7.2 -2021-08-23
CVE-2021-24555 Diary & Availability Calendar <= 1.0.3 - Authenticated (subscriber+) SQL Injection — Diary & Availability Calendar 8.8 -2021-08-23
CVE-2021-24553 Timeline Calendar <= 1.2 - Authenticated (admin+) SQL Injection — Timeline Calendar 7.2 -2021-08-23
CVE-2021-24552 Simple Events Calendar <= 1.4.0 - Authenticated (admin+) SQL Injection — Simple Events Calendar 7.2 -2021-08-23
CVE-2021-24551 Edit Comments <= 0.3 - Unauthenticated SQL Injection — Edit Comments 7.2 -2021-08-23
CVE-2021-24550 Broken Link Manager <= 0.6.5 - Authenticated (admin+) SQL Injection — Broken Link Manager 7.2 -2021-08-23
CVE-2021-24506 Slider Hero < 8.2.7 - Contributor+ SQL Injection — Slider Hero with Animation, Video Background & Intro Maker 8.8 -2021-08-23
CVE-2021-24497 Giveaway <= 1.2.2 - Authenticated SQL Injection — Giveaway 7.2 -2021-08-23
CVE-2020-13589 Rukovoditel SQL注入漏洞 — Rukovoditel 8.8 -2021-08-17
CVE-2020-13588 Rukovoditel SQL注入漏洞 — Rukovoditel 8.8 -2021-08-17
CVE-2021-24520 Stock in & out <= 1.0.4 - Authenticated SQL Injection — Stock in & out 8.8 -2021-08-09
CVE-2021-24521 Side Menu Lite < 2.2.1 - Authenticated SQL Injection — Side Menu Lite – add sticky fixed buttons 7.2 -2021-08-09
CVE-2021-24507 Astra Pro Addon < 3.5.2 - Unauthenticated SQL Injection — Astra Pro Addon 9.8 -2021-08-09
CVE-2021-31869 Pimcore AdminBundle 'specificID' SQL Injection — Pimcore AdminBundle 6.5 Medium2021-08-04
CVE-2021-31867 Pimcore Customer Data Framework 'SegmentAssignmentController.php' Blind SQL Injection — Pimcore Customer Data Framework 6.5 Medium2021-08-04
CVE-2021-20028 Claroty Secure Remote Access SQL注入漏洞 — SonicWall SRA/SMA100 9.8 -2021-08-04
CVE-2021-24492 Handsome Testimonials & Reviews < 2.1.1 - Authenticated (Subscriber+) SQL Injection — Handsome Testimonials & Reviews 8.8 -2021-08-02
CVE-2021-24484 Secure Copy Content Protection and Content Locking < 2.6.7 - Authenticated Blind SQL Injections — Secure Copy Content Protection and Content Locking 7.2 -2021-08-02
CVE-2021-24483 Poll Maker < 3.2.1 - Authenticated Blind SQL Injections — Poll Maker 7.2 -2021-08-02
CVE-2021-24463 Image Slider by Ays - Responsive Slider and Carousel < 2.5.0 - Authenticated Blind SQL Injection — Image Slider by Ays- Responsive Slider and Carousel 8.8 -2021-08-02
CVE-2021-24462 Photo Gallery by Ays - Responsive Image Gallery < 4.4.4 - Authenticated Blind SQL Injections — Photo Gallery by Ays – Responsive Image Gallery 8.8 -2021-08-02

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8841 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.