CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8841

8841 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-24461 | FAQ Builder < 1.3.6 - Authenticated Blind SQL Injections — FAQ Builder AYS | 8.8 | - | 2021-08-02 |
| CVE-2021-24460 | Popup Like box - Page Plugin < 3.5.3 - Authenticated Blind SQL Injections — Popup Like box – Page Plugin | 8.8 | - | 2021-08-02 |
| CVE-2021-24459 | Survey Maker < 1.5.6 - Authenticated Blind SQL Injections — Survey Maker | 8.8 | - | 2021-08-02 |
| CVE-2021-24457 | Portfolio Responsive Gallery < 1.1.8 - Authenticated Blind SQL Injections — Portfolio Responsive Gallery | 8.8 | - | 2021-08-02 |
| CVE-2021-24458 | Popup box < 2.3.4 - Authenticated Blind SQL Injections — Popup box | 8.8 | - | 2021-08-02 |
| CVE-2021-24456 | Quiz Maker < 6.2.0.9 - Multiple Authenticated Blind SQL Injections — Quiz Maker | 7.2 | - | 2021-08-02 |
| CVE-2021-32790 | Blind SQL Injection possible via Authenticated Web-hook Search API Endpoint — woocommerce | 4.9 | Medium | 2021-07-26 |
| CVE-2021-32789 | Arbitrary SQL (SQL injection) possible via the Store API component. — woocommerce-gutenberg-products-block | 7.5 | High | 2021-07-26 |
| CVE-2020-5320 | DELL EMC OpenManage Enterprise and DELL EMC OpenManage Enterprise-Modular SQL injection vulnerability — Dell OpenManage Enterprise | 9.0 | Critical | 2021-07-19 |
| CVE-2021-24442 | Poll, Survey, Questionnaire and Voting system < 1.5.3 - Unauthenticated Blind SQL Injection — Poll, Survey, Questionnaire and Voting system | 9.8 | - | 2021-07-12 |
| CVE-2021-24385 | Filebird 4.7.3 - Unauthenticated SQL Injection — FileBird – WordPress Media Library Folders & File Manager | 9.8 | - | 2021-07-12 |
| CVE-2021-25427 | Bluetooth SQL injection vulnerability — Samsung Mobile Devices | 6.5 | - | 2021-07-08 |
| CVE-2021-24451 | Export Users With Meta < 0.6.5 - Authenticated SQL Injection — Export Users With Meta | 7.2 | - | 2021-07-06 |
| CVE-2021-35049 | Command Injection Vulnerability in Fidelis Network and Deception — Fidelis Network | 9.9 | Critical | 2021-06-25 |
| CVE-2021-35048 | Unauthenticated SQL Injection Vulnerability in Fidelis Network and Deception — Fidelis Network | 9.8 | Critical | 2021-06-25 |
| CVE-2021-32704 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in dhis2-core — dhis2-core | 8.5 | High | 2021-06-24 |
| CVE-2021-24361 | GeoDirectory Location Manager < 2.1.0.10 - Multiple Unauthenticated SQL Injections — Location Manager | 9.8 | - | 2021-06-21 |
| CVE-2021-24360 | Yes/No Chart < 1.0.12 - Authenticated (contributor+) Blind SQL Injection — Yes/No Chart | 8.1 | - | 2021-06-14 |
| CVE-2021-24341 | Xllentech English Islamic Calendar < 2.6.8 - Authenticated SQL Injection — Xllentech English Islamic Calendar | 8.8 | - | 2021-06-14 |
| CVE-2021-24345 | Sendit WP Newsletter <= 2.5.1 - Authenticated (admin+) SQL Injection — Sendit WP Newsletter | 7.2 | - | 2021-06-14 |
| CVE-2021-24348 | Side Menu < 3.1.5 - Authenticated (admin+) SQL Injection — Side Menu – add fixed side buttons | 7.2 | - | 2021-06-14 |
| CVE-2021-32932 | Advantech Iview SQL injection vulnerability — iView | 7.5 | - | 2021-06-11 |
| CVE-2021-23230 | Gallagher Command Centre Server SQL injection vulnerability — Command Centre | 9.9 | Critical | 2021-06-11 |
| CVE-2021-29099 | There is a SQL injection vulnerability in ArcGIS Server — ArcGIS Server | 5.3 | - | 2021-06-07 |
| CVE-2021-24337 | Video Embed <= 1.0 - Authenticated (subscriber+) SQL Injection — Video Embed | 8.8 | - | 2021-06-07 |
| CVE-2021-24340 | WP Statistics < 13.0.8 - Unauthenticated SQL Injection — WP Statistics | 7.5 | - | 2021-06-07 |
| CVE-2021-24336 | FlightLog <= 3.0.2 - Authenticated (editor+) SQL Injection — FlightLog | 7.2 | - | 2021-06-07 |
| CVE-2021-29089 | Synology Photo Station SQL injection vulnerability — Synology Photo Station | 9.8 | Critical | 2021-06-02 |
| CVE-2021-29090 | Synology Photo Station SQL injection vulnerability — Synology Photo Station | 7.2 | High | 2021-06-02 |
| CVE-2021-24321 | Bello < 1.6.0 - Unauthenticated Blind SQL Injection — Bello - Directory & Listing | 8.8 | - | 2021-06-01 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8841 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.