Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8863

8863 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-24959 WP Email Users <= 1.7.6 - Subscriber+ SQL Injection — WP Email Users 8.8 -2022-03-14
CVE-2021-32474 Moodle SQL注入漏洞 — moodle 7.2 -2022-03-11
CVE-2022-0507 Vulnerability: Authenticated SQL Injection in API — Pandora FMS 5.8 Medium2022-03-09
CVE-2022-24281 Siemens SINEC NMS SQL注入漏洞 — SINEC NMS 7.2 High2022-03-08
CVE-2022-0754 SQL Injection in salesagility/suitecrm — salesagility/suitecrm 6.5 -2022-03-07
CVE-2022-0434 Page Views Count < 2.4.15 - Unauthenticated SQL Injection — Page View Count 9.8 -2022-03-07
CVE-2022-0420 RegistrationMagic < 5.0.2.2 - Admin+ SQL Injection — RegistrationMagic – Custom Registration Forms, User Registration and User Login Plugin 7.2 -2022-03-07
CVE-2022-0410 WP Visitor Statistics (Real Time Traffic) < 5.6 - Subscriber+ SQL Injection — WP Visitor Statistics (Real Time Traffic) 8.8 -2022-03-07
CVE-2022-0349 NotificationX < 2.3.9 - Unauthenticated Blind SQL Injection — NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor 9.8 -2022-03-07
CVE-2022-0267 AdRotate < 5.8.22 - Admin+ SQL Injection — AdRotate – Ad manager & AdSense Ads 7.2 -2022-03-07
CVE-2021-24952 Conversios.io < 4.6.2 - Subscriber+ SQL Injection — Conversios.io – Google Analytics and Google Shopping plugin for WooCommerce 8.8 -2022-03-07
CVE-2021-24778 Tradetracker-Store < 4.6.60 - Admin+ SQL Injection — Tradetracker-Store 7.2 -2022-03-07
CVE-2021-24777 Hotscot Contact Form < 1.3 - Admin+ SQL Injection — Hotscot Contact Form 7.2 -2022-03-07
CVE-2021-23214 PostgreSQL SQL注入漏洞 — postgresql 8.1 -2022-03-04
CVE-2022-23911 AP Custom Testimonial < 1.4.8 - Admin+ SQL Injection — Testimonial WordPress Plugin – AP Custom Testimonial 7.2 -2022-02-28
CVE-2022-0412 TI WooCommerce Wishlist < 1.40.1 - Unauthenticated Blind SQL Injection — TI WooCommerce Wishlist 9.8 -2022-02-28
CVE-2022-0411 Asgaros Forum < 2.0.0 - Subscriber+ Blind SQL Injection — Asgaros Forum 8.8 -2022-02-28
CVE-2022-0383 WP Review Slider < 11.0 - Admin+ SQL Injection — WP Review Slider 7.2 -2022-02-28
CVE-2021-24864 WP Cloudy < 4.4.9 - Admin+ SQL Injection — WP Cloudy, weather plugin 8.8 -2022-02-28
CVE-2021-24704 Orange Form <= 1.0 - SQL Injection via CSRF — Orange Form 6.8 -2022-02-28
CVE-2022-25149 WP Statistics <= 13.1.5 Unauthenticated Blind SQL Injection via IP — WP Statistics 9.8 Critical2022-02-24
CVE-2022-0651 WP Statistics <= 13.1.5 Unauthenticated Blind SQL Injection via current_page_type — WP Statistics 9.8 Critical2022-02-24
CVE-2022-25148 WP Statistics <= 13.1.5 Unauthenticated Blind SQL Injection via current_page_id — WP Statistics 9.8 Critical2022-02-24
CVE-2022-24707 SQL injection in anuko timetracker — timetracker 7.4 High2022-02-23
CVE-2022-0255 Database Backup for WordPress < 2.5.1 - Admin+ SQL Injection — Database Backup for WordPress 7.2 -2022-02-21
CVE-2022-0228 Popup Builder < 4.0.7 - Admin+ SQL Injection — Popup Builder – Create highly converting, mobile friendly marketing popups. 7.2 -2022-02-21
CVE-2021-4208 ExportFeed <= 2.0.1.0 - Admin+ SQL Injection — ExportFeed: List WooCommerce Products on eBay Store 7.2 -2022-02-21
CVE-2021-25069 WordPress Download Manager < 3.2.34 - Authenticated SQL Injection to Reflected XSS — Download Manager 9.8 -2022-02-21
CVE-2020-8242 Packet Tide ExpressionEngine 安全漏洞 — ExpressionEngine 7.2 -2022-02-18
CVE-2022-21176 Airspan Networks Mimosa SQL Injection — MMP 8.6 High2022-02-18

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8863 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.