Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8857

8857 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-4289 Tiandy Easy7 Integrated Management Platform getRecByTemplateId sql injection — Easy7 Integrated Management Platform 7.3 High2026-03-17
CVE-2026-4288 Tiandy Easy7 Integrated Management Platform Endpoint getDevDetailedInfo sql injection — Easy7 Integrated Management Platform 7.3 High2026-03-17
CVE-2026-4287 Tiandy Easy7 Integrated Management Platform Endpoint queryResources sql injection — Easy7 Integrated Management Platform 7.3 High2026-03-16
CVE-2026-30881 Chamilo LMS: SQL Injection in the statistics AJAX endpoint — chamilo-lms 8.8 High2026-03-16
CVE-2026-28430 Chamilo LMS Vulnerable to Unauthenticated SQL Injection in chamiko-lms model.ajax.php — chamilo-lms 9.8AICriticalAI2026-03-16
CVE-2025-62319 Boolean-Based SQL Injection in Multiple Unica Components — Unica 9.8 Critical2026-03-16
CVE-2026-4241 itsourcecode College Management System time-table.php sql injection — College Management System 6.3 Medium2026-03-16
CVE-2026-4238 itsourcecode College Management System courses.php sql injection — College Management System 4.7 Medium2026-03-16
CVE-2026-4237 itsourcecode Free Hotel Reservation System index.php sql injection — Free Hotel Reservation System 7.3 High2026-03-16
CVE-2026-4236 itsourcecode Online Enrollment System index.php sql injection — Online Enrollment System 7.3 High2026-03-16
CVE-2026-4235 itsourcecode Online Enrollment System login.php sql injection — Online Enrollment System 7.3 High2026-03-16
CVE-2026-4234 SSCMS DDL SitesAddController.Submit.cs sql injection — SSCMS 6.3 Medium2026-03-16
CVE-2026-4232 Tiandy Integrated Management Platform getAuthorityByUserId sql injection — Integrated Management Platform 7.3 High2026-03-16
CVE-2026-4230 vanna-ai vanna Endpoint __init__.py update_sql sql injection — vanna 6.3 Medium2026-03-16
CVE-2026-4229 vanna-ai vanna bigquery_vector.py remove_training_data sql injection — vanna 7.3 High2026-03-16
CVE-2026-4223 itsourcecode Payroll Management System manage_employee.php sql injection — Payroll Management System 7.3 High2026-03-16
CVE-2026-4190 JawherKl node-api-postgres user.js User.getAll sql injection — node-api-postgres 7.3 High2026-03-15
CVE-2026-4189 phpipam Section edit-result.php sql injection — phpipam 4.7 Medium2026-03-15
CVE-2015-20120 RealtyScript 4.0.2 Multiple Time-based Blind SQL Injection — RealtyScript 8.2 High2026-03-15
CVE-2015-20121 RealtyScript 4.0.2 SQL Injection via u_id and agent Parameters — RealtyScripts 8.2 High2026-03-15
CVE-2026-4173 CodePhiliaX Chat2DB Database Export DMDBManage.java updateProcedure sql injection — Chat2DB 6.3 Medium2026-03-15
CVE-2026-32628 AnythingLLM has SQL Injection in Built-in SQL Agent Plugin via Unsanitized table_name Parameter — anything-llm 8.8 -2026-03-13
CVE-2025-36368 IBM Sterling B2B Integrator and IBM Sterling File Gateway SQL Injection — Sterling B2B Integrator 6.5 Medium2026-03-13
CVE-2026-32459 WordPress UpsellWP plugin <= 2.2.4 - SQL Injection vulnerability — UpsellWP 9.8 -2026-03-13
CVE-2026-32458 WordPress WOLF plugin <= 1.0.8.7 - SQL Injection vulnerability — WOLF 9.8 -2026-03-13
CVE-2026-32433 WordPress CP Contact Form with Paypal plugin <= 1.3.61 - SQL Injection vulnerability — CP Contact Form with Paypal 9.8 -2026-03-13
CVE-2026-32422 WordPress WP EasyCart plugin <= 5.8.13 - SQL Injection vulnerability — WP EasyCart 9.8 -2026-03-13
CVE-2026-32418 WordPress Meow Gallery plugin <= 5.4.4 - SQL Injection vulnerability — Meow Gallery 9.8 -2026-03-13
CVE-2026-32399 WordPress Media LIbrary Assistant plugin <= 3.32 - SQL Injection vulnerability — Media LIbrary Assistant 9.8 -2026-03-13
CVE-2026-32366 WordPress Collapsing Categories plugin <= 3.0.9 - SQL Injection vulnerability — Collapsing Categories 9.8 -2026-03-13

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8857 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.