
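CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8876

8876 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.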

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-51539 | Dell Secure Connect Gateway SQL injection vulnerability — Secure Connect Gateway - Application | 2.3 | Low | 2025-02-25 |
| CVE-2025-1648 | Yawave <= 2.9.1 - Unauthenticated SQL Injection — Yawave | 7.5 | High | 2025-02-25 |
| CVE-2025-22210 | Extension - hikashop.com - SQL injection in Hikashop component version 3.3.0 - 5.1.4 for Joomla — Hikashop component for Joomla | 7.2 | - | 2025-02-25 |
| CVE-2025-1641 | Benner ModernaNet GetHorariosDoDia sql injection — ModernaNet | 7.3 | High | 2025-02-25 |
| CVE-2025-1640 | Benner ModernaNet JS_CarregaCombo sql injection — ModernaNet | 7.3 | High | 2025-02-25 |
| CVE-2025-26533 | SQL injection risk in course search module list filter — moodle | 8.1 | High | 2025-02-24 |
| CVE-2025-27133 | WeGIA has SQL Injection endpoint at 'dao/pet/adicionar_tipo_exame.php' parameter 'tipo_exame' — WeGIA | 6.5 | - | 2025-02-24 |
| CVE-2025-27312 | WordPress WP Sitemap plugin <= 1.0 - SQL Injection vulnerability — WP Sitemap | 8.5 | High | 2025-02-24 |
| CVE-2025-27297 | WordPress Bravo Search & Replace Plugin <= 1.0 - SQL Injection vulnerability — Bravo Search & Replace | 7.6 | High | 2025-02-24 |
| CVE-2024-12918 | SQLi in Agito Computer's Health4All — Health4All | 8.8 | High | 2025-02-24 |
| CVE-2024-12916 | SQLi in Agito Computer's Life4All — Life4All | 8.8 | High | 2025-02-24 |
| CVE-2025-24490 | SQL Injection in Mattermost Boards via board category ID reordering — Mattermost | 9.6 | Critical | 2025-02-24 |
| CVE-2025-1596 | SourceCodester Best Church Management Software fpassword.php sql injection — Best Church Management Software | 7.3 | High | 2025-02-23 |
| CVE-2025-1583 | PHPGurukul Online Nurse Hiring System search-report-details.php sql injection — Online Nurse Hiring System | 6.3 | Medium | 2025-02-23 |
| CVE-2025-1582 | PHPGurukul Online Nurse Hiring System all-request.php sql injection — Online Nurse Hiring System | 6.3 | Medium | 2025-02-23 |
| CVE-2025-1581 | PHPGurukul Online Nurse Hiring System book-nurse.php sql injection — Online Nurse Hiring System | 6.3 | Medium | 2025-02-23 |
| CVE-2025-1580 | PHPGurukul Nipah Virus Testing Management System search-report-result.php sql injection — Nipah Virus Testing Management System | 6.3 | Medium | 2025-02-23 |
| CVE-2025-1578 | PHPGurukul/Campcodes Online Shopping Portal search-result.php sql injection — Online Shopping Portal | 6.3 | Medium | 2025-02-23 |
| CVE-2025-1576 | code-projects Real Estate Property Management System ajax_state.php sql injection — Real Estate Property Management System | 6.3 | Medium | 2025-02-23 |
| CVE-2024-13474 | LTL Freight Quotes – Purolator Edition <= 2.2.3 - Unauthenticated SQL Injection — LTL Freight Quotes – Purolator Edition | 7.5 | High | 2025-02-22 |
| CVE-2025-1544 | dingfanzu CMS loadShopInfo.php sql injection — CMS | 6.3 | Medium | 2025-02-21 |
| CVE-2025-1537 | Harpia DiagSystem atualatendimento_jpeg.php sql injection — DiagSystem | 6.3 | Medium | 2025-02-21 |
| CVE-2025-1535 | Baiyi Cloud Asset Management System admin.ticket.close.php sql injection — Cloud Asset Management System | 7.3 | High | 2025-02-21 |
| CVE-2024-13846 | Indeed Ultimate Learning Pro <= 3.9 - Authenticated (Administrator+) SQL Injection via post_id Parameter — Indeed Ultimate Learning Pro | 4.9 | Medium | 2025-02-21 |
| CVE-2024-13713 | WPExperts Square For GiveWP <= 1.3.1 - Authenticated (Subscriber+) SQL Injection — WPExperts Square For GiveWP | 6.5 | Medium | 2025-02-21 |
| CVE-2024-12276 | Ultimate Member <= 2.9.2 - Authenticated SQL Injection — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | 5.3 | Medium | 2025-02-21 |
| CVE-2024-11260 | Events Manager – Calendar, Bookings, Tickets, and more! <= 6.6.3 - Unauthenticated SQL Injection via Event Status Parameter — Events Manager – Calendar, Bookings, Tickets, and more! | 7.5 | High | 2025-02-21 |
| CVE-2024-13235 | Pinpoint Booking System – #1 WordPress Booking Plugin <= 2.9.9.5.4 - Authenticated (Subscriber+) SQL Injection — Pinpoint Booking System – Version 2 | 6.5 | Medium | 2025-02-21 |
| CVE-2025-26794 | Exim security vulnerability — Exim | 7.5 | High | 2025-02-21 |
| CVE-2025-27096 | SQL Injection endpoint 'html/personalizacao_upload.php' parameter 'id_campo' in WeGIA — WeGIA | 6.5 | - | 2025-02-20 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8876 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.