CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8827

8827 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-25662 | ResourceSpace 8.6 SQL Injection via watched_searches.php — ResourceSpace | 8.2 | High | 2026-04-05 |
| CVE-2026-5596 | griptape-ai griptape SqlTool tool.py sql injection — griptape | 6.3 | Medium | 2026-04-05 |
| CVE-2026-5587 | wbbeyourself MAC-SQL Refiner Agent agents.py _execute_sql sql injection — MAC-SQL | 6.3 | Medium | 2026-04-05 |
| CVE-2026-5586 | zhongyu09 openchatbi Multi-stage Text2SQL Workflow sql injection — openchatbi | 6.3 | Medium | 2026-04-05 |
| CVE-2026-5583 | PHPGurukul Online Shopping Portal Project Parameter my-profile.php sql injection — Online Shopping Portal Project | 6.3 | Medium | 2026-04-05 |
| CVE-2026-5580 | CodeAstro Online Classroom Parameter addvideos.php sql injection — Online Classroom | 6.3 | Medium | 2026-04-05 |
| CVE-2026-5579 | CodeAstro Online Classroom Parameter updatedetailsfromfaculty.php sql injection — Online Classroom | 6.3 | Medium | 2026-04-05 |
| CVE-2026-5578 | CodeAstro Online Classroom Parameter addassessment.php sql injection — Online Classroom | 6.3 | Medium | 2026-04-05 |
| CVE-2026-5577 | Song-Li cross_browser details Endpoint uniquemachine_app.py sql injection — cross_browser | 7.3 | High | 2026-04-05 |
| CVE-2026-5575 | SourceCodester/jkev Record Management System Login index.php sql injection — Record Management System | 7.3 | High | 2026-04-05 |
| CVE-2026-5565 | code-projects Simple Laundry System Parameter delmemberinfo.php sql injection — Simple Laundry System | 7.3 | High | 2026-04-05 |
| CVE-2026-5564 | code-projects Simple Laundry System Parameter searchguest.php sql injection — Simple Laundry System | 7.3 | High | 2026-04-05 |
| CVE-2026-5563 | AutohomeCorp frostmourne Alarm Preview previewData httpTest sql injection — frostmourne | 6.3 | Medium | 2026-04-05 |
| CVE-2026-5560 | PHPGurukul Online Shopping Portal Project Parameter payment-method.php sql injection — Online Shopping Portal Project | 6.3 | Medium | 2026-04-05 |
| CVE-2026-5558 | PHPGurukul PHPGurukul Online Shopping Portal Project Parameter pending-orders.php sql injection — PHPGurukul Online Shopping Portal Project | 6.3 | Medium | 2026-04-05 |
| CVE-2026-5555 | code-projects Concert Ticket Reservation System Parameter login.php sql injection — Concert Ticket Reservation System | 7.3 | High | 2026-04-05 |
| CVE-2026-5554 | code-projects Concert Ticket Reservation System Parameter process_search.php sql injection — Concert Ticket Reservation System | 7.3 | High | 2026-04-05 |
| CVE-2026-5553 | itsourcecode Online Cellphone System Parameter available.php sql injection — Online Cellphone System | 6.3 | Medium | 2026-04-05 |
| CVE-2026-5552 | PHPGurukul Online Shopping Portal Project Parameter sub-category.php sql injection — Online Shopping Portal Project | 6.3 | Medium | 2026-04-05 |
| CVE-2026-5551 | itsourcecode Free Hotel Reservation System Parameter login.php sql injection — Free Hotel Reservation System | 7.3 | High | 2026-04-05 |
| CVE-2026-5543 | PHPGurukul User Registration & Login and User Management System yesterday-reg-users.php sql injection — User Registration & Login and User Management System | 6.3 | Medium | 2026-04-05 |
| CVE-2026-5540 | code-projects Simple Laundry System Parameter modifymember.php sql injection — Simple Laundry System | 7.3 | High | 2026-04-05 |
| CVE-2026-5537 | halex CourseSEL HTTP GET Parameter IndexController.class.php check_sel sql injection — CourseSEL | 6.3 | Medium | 2026-04-05 |
| CVE-2026-5534 | itsourcecode Online Enrollment System Parameter index.php sql injection — Online Enrollment System | 7.3 | High | 2026-04-05 |
| CVE-2026-34934 | PraisonAI: Second-Order SQL Injection in `get_all_user_threads` — PraisonAI | 9.8 | Critical | 2026-04-03 |
| CVE-2026-34612 | Kestra: Remote Code Execution via SQL Injection — kestra | 10.0 | Critical | 2026-04-03 |
| CVE-2026-34788 | Emlog: SQL Injection in tag_model::updateTagName() via unsanitized parameters — emlog | 6.5 | Medium | 2026-04-03 |
| CVE-2026-27885 | Piwigo: SQL Injection in Activity.getList — Piwigo | 7.2 | High | 2026-04-03 |
| CVE-2026-27834 | Piwigo: SQL Injection in pwg.users.getList API Method via filter Parameter — Piwigo | 7.2 | High | 2026-04-03 |
| CVE-2026-27634 | Piwigo: Pre-auth SQL injection via date filter parameters in ws_std_image_sql_filter — Piwigo | 7.5 (AI) | High (AI) | 2026-04-03 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8827 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.