
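CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8876

8876 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.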

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-13476 | LTL Freight Quotes – GlobalTranz Edition <= 2.3.11 - Unauthenticated SQL Injection — LTL Freight Quotes – GlobalTranz Edition | 7.5 | High | 2025-02-20 |
| CVE-2025-0866 | Legoeso PDF Manager <= 1.2.2 - Authenticated (Author+) SQL Injection via checkedVals Parameter — Legoeso PDF Manager | 6.5 | Medium | 2025-02-20 |
| CVE-2025-1464 | Baiyi Cloud Asset Management System admin.house.collect.php sql injection — Cloud Asset Management System | 7.3 | High | 2025-02-19 |
| CVE-2024-13534 | Small Package Quotes – Worldwide Express Edition <= 5.2.18 - Unauthenticated SQL Injection — Small Package Quotes – Worldwide Express Edition | 7.5 | High | 2025-02-19 |
| CVE-2024-13533 | Small Package Quotes – USPS Edition <= 1.3.5 - Unauthenticated SQL Injection — Small Package Quotes – USPS Edition | 7.5 | High | 2025-02-19 |
| CVE-2024-13491 | Small Package Quotes – For Customers of FedEx <= 4.3.1 - Unauthenticated SQL Injection — Small Package Quotes – For Customers of FedEx | 7.5 | High | 2025-02-19 |
| CVE-2024-13483 | LTL Freight Quotes – SAIA Edition <= 2.2.10 - Unauthenticated SQL Injection — LTL Freight Quotes – SAIA Edition | 7.5 | High | 2025-02-19 |
| CVE-2024-13481 | LTL Freight Quotes – R+L Carriers Edition <= 3.3.4 - Unauthenticated SQL Injection — LTL Freight Quotes – R+L Carriers Edition | 7.5 | High | 2025-02-19 |
| CVE-2024-13479 | LTL Freight Quotes – SEFL Edition <= 3.2.4 - Unauthenticated SQL Injection — LTL Freight Quotes – SEFL Edition | 7.5 | High | 2025-02-19 |
| CVE-2024-13485 | LTL Freight Quotes – ABF Freight Edition <= 3.3.7 - Unauthenticated SQL Injection — LTL Freight Quotes – ABF Freight Edition | 7.5 | High | 2025-02-19 |
| CVE-2024-13478 | LTL Freight Quotes – TForce Edition <= 3.6.4 - Unauthenticated SQL Injection — LTL Freight Quotes – TForce Edition | 7.5 | High | 2025-02-19 |
| CVE-2024-13489 | LTL Freight Quotes – Old Dominion Edition <= 4.2.10 - Unauthenticated SQL Injection — LTL Freight Quotes – Old Dominion Edition | 7.5 | High | 2025-02-19 |
| CVE-2025-1135 | SQL Injection in ChurchCRM CurrentFundraiser Parameter via BatchWinnerEntry.php — ChurchCRM | 7.2 | - | 2025-02-19 |
| CVE-2025-1134 | SQL Injection in ChurchCRM CurrentFundraiser Parameter via DonatedItemEditor.php — ChurchCRM | 7.2 | - | 2025-02-19 |
| CVE-2025-1133 | SQL Injection in ChurchCRM EID Parameter via EditEventAttendees.php — ChurchCRM | 7.2 | - | 2025-02-19 |
| CVE-2025-1132 | SQL Injection in ChurchCRM EN_tyid Parameter via EditEventAttendees.php — ChurchCRM | 5.9 | - | 2025-02-19 |
| CVE-2024-13676 | Categorized Gallery Plugin <= 2.0 - Authenticated (Contributor+) SQL Injection — Categorized Gallery Plugin | 6.5 | Medium | 2025-02-19 |
| CVE-2024-13712 | Pollin <= 1.01.1 - Authenticated (Admin+) SQL Injection — Pollin | 4.9 | Medium | 2025-02-19 |
| CVE-2025-26605 | SQL Injection endpoint 'deletar_cargo.php' parameter 'id_cargo' in WeGIA — WeGIA | 6.5 | - | 2025-02-18 |
| CVE-2025-26606 | SQL Injection endpoint 'informacao_adicional.php' parameter 'id_descricao' in WeGIA — WeGIA | 6.5 | - | 2025-02-18 |
| CVE-2025-26607 | SQL Injection endpoint 'documento_excluir.php' parameter 'id_funcionario' in WeGIA — WeGIA | 6.5 | - | 2025-02-18 |
| CVE-2025-26608 | SQL Injection endpoint 'dependente_docdependente.php' parameter 'id_dependente', 'id_doc' in WeGIA — WeGIA | 6.5 | - | 2025-02-18 |
| CVE-2025-26609 | SQL Injection endpoint 'familiar_docfamiliar.php' parameter 'id_dependente', 'id_doc' in WeGIA — WeGIA | 6.5 | - | 2025-02-18 |
| CVE-2025-26610 | SQL Injection endpoint 'restaurar_produto_desocultar.php' parameter 'id_produto' in WeGIA — WeGIA | 6.5 | - | 2025-02-18 |
| CVE-2025-26611 | SQL Injection endpoint 'remover_produto.php' parameter 'id_produto' in WeGIA — WeGIA | 6.5 | - | 2025-02-18 |
| CVE-2025-26612 | SQL Injection endpoint 'adicionar_almoxarife.php' parameter 'id_almoxarifado', 'id_funcionario' in WeGIA — WeGIA | 6.5 | - | 2025-02-18 |
| CVE-2025-26614 | SQL Injection endpoint 'deletar_documento.php' parameter 'id_cargo' in WeGIA — WeGIA | 6.5 | - | 2025-02-18 |
| CVE-2025-26617 | SQL Injection endpoint 'historico_paciente.php' parameter 'id_fichamedica' in WeGIA — WeGIA | 6.5 | - | 2025-02-18 |
| CVE-2025-22639 | WordPress Distance Rate Shipping for WooCommerce plugin <= 1.3.4 - SQL Injection vulnerability — Distance Rate Shipping for WooCommerce | 8.5 | High | 2025-02-18 |
| CVE-2025-22207 | [20250201] - Core - SQL injection vulnerability in Scheduled Tasks component — Joomla! CMS | 8.8 | - | 2025-02-18 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8876 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.