
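CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8841

8841 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.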

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-1475 | Out-of-band SQL injection in Quatuor Performance Evaluation — Evaluación de Desempeño (EDD) | 7.5 (AI) | High (AI) | 2026-01-27 |
| CVE-2026-1474 | Out-of-band SQL injection in Quatuor Performance Evaluation — Evaluación de Desempeño (EDD) | 7.5 (AI) | High (AI) | 2026-01-27 |
| CVE-2026-1473 | Out-of-band SQL injection in Quatuor Performance Evaluation — Evaluación de Desempeño (EDD) | 7.5 (AI) | High (AI) | 2026-01-27 |
| CVE-2026-1472 | Out-of-band SQL injection in Quatuor Performance Evaluation — Evaluación de Desempeño (EDD) | 7.5 (AI) | High (AI) | 2026-01-27 |
| CVE-2021-47902 | Testa Online Test Management System 3.4.7 - 'q' SQL Injection — Testa Online Test Management System | 8.2 | High | 2026-01-27 |
| CVE-2020-36951 | Phpscript-sgh 0.1.0 - Time Based Blind SQL Injection — phpscript-sgh | 8.2 | High | 2026-01-27 |
| CVE-2020-36947 | LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection — LibreNMS | 7.1 | High | 2026-01-27 |
| CVE-2026-1449 | Hisense TransTech Smart Bus Management System TireMng.aspx Page_Load sql injection — Smart Bus Management System | 7.3 | High | 2026-01-26 |
| CVE-2026-1443 | code-projects Online Music Site AdminDeleteUser.php sql injection — Online Music Site | 7.3 | High | 2026-01-26 |
| CVE-2026-1422 | code-projects Online Examination System Login Page index.php sql injection — Online Examination System | 7.3 | High | 2026-01-26 |
| CVE-2026-0806 | WP-ClanWars <= 2.0.1 - Authenticated (Administrator+) SQL Injection via 'orderby' Parameter — WP-ClanWars | 4.9 | Medium | 2026-01-24 |
| CVE-2026-24624 | WordPress Neoforum plugin <= 1.0 - SQL Injection vulnerability — Neoforum | 7.6 | High | 2026-01-23 |
| CVE-2026-24572 | WordPress Nelio Content plugin <= 4.2.0 - SQL Injection vulnerability — Nelio Content | 8.5 | High | 2026-01-23 |
| CVE-2026-0603 | Org.hibernate/hibernate-core: hibernate: information disclosure and data deletion via second-order sql injection | 8.3 | High | 2026-01-23 |
| CVE-2026-24367 | WordPress Traveler theme < 3.2.8 - SQL Injection vulnerability — Traveler | 8.5 | High | 2026-01-22 |
| CVE-2026-22470 | WordPress FireStorm Professional Real Estate plugin <= 2.7.11 - SQL Injection vulnerability — FireStorm Professional Real Estate | 9.8 (AI) | Critical (AI) | 2026-01-22 |
| CVE-2025-69180 | WordPress Ultra Portfolio plugin <= 6.7 - SQL Injection vulnerability — Ultra Portfolio | 8.5 | High | 2026-01-22 |
| CVE-2025-69045 | WordPress FooEvents for WooCommerce plugin <= 1.20.4 - SQL Injection vulnerability — FooEvents for WooCommerce | 9.8 (AI) | Critical (AI) | 2026-01-22 |
| CVE-2025-68999 | WordPress Happy Addons for Elementor plugin <= 3.20.4 - SQL Injection vulnerability — Happy Addons for Elementor | 8.5 | High | 2026-01-22 |
| CVE-2025-68881 | WordPress AppExperts plugin <= 1.4.5 - SQL Injection vulnerability — AppExperts | 8.8 (AI) | High (AI) | 2026-01-22 |
| CVE-2025-68857 | WordPress Paid Downloads plugin <= 3.15 - SQL Injection vulnerability — Paid Downloads | 9.8 (AI) | Critical (AI) | 2026-01-22 |
| CVE-2025-68034 | WordPress CleverReach® WP plugin <= 1.5.21 - SQL Injection vulnerability — CleverReach® WP | 9.3 | Critical | 2026-01-22 |
| CVE-2025-68017 | WordPress Antideo Email Validator plugin <= 1.0.10 - SQL Injection vulnerability — Antideo Email Validator | 7.5 | High | 2026-01-22 |
| CVE-2025-67945 | WordPress MailerLite – WooCommerce integration plugin <= 3.1.2 - SQL Injection vulnerability — MailerLite – WooCommerce integration | 9.3 | Critical | 2026-01-22 |
| CVE-2025-49055 | WordPress WP Lead Capturing Pages plugin <= 2.5 - SQL Injection vulnerability — WP Lead Capturing Pages | 9.3 | Critical | 2026-01-22 |
| CVE-2025-49049 | WordPress DZS Video Gallery plugin <= 12.39 - SQL Injection vulnerability — DZS Video Gallery | 8.5 | High | 2026-01-22 |
| CVE-2025-49050 | WordPress WP Lead Capturing Pages plugin <= 2.5 - SQL Injection vulnerability — WP Lead Capturing Pages | 8.5 | High | 2026-01-22 |
| CVE-2025-36588 | Dell Unisphere for PowerMax SQL injection vulnerability — Unisphere for PowerMax | 8.8 | High | 2026-01-22 |
| CVE-2025-4764 | SQLi in Aida Computer's Hotspot — Hotel Guest Hotspot | 8.0 | High | 2026-01-22 |
| CVE-2025-27378 | SQL Injection in AES Due to Inactive SQL Parsing Configuration — AES | 8.6 | High | 2026-01-22 |

8841 CVEs are classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.