CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8861

8861 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2026-2822 | JeecgBoot Backend airag_app,1,create_by sql injection — JeecgBoot | 6.3 | Medium | 2026-02-20 |
| CVE-2026-2821 | Fujian Smart Integrated Management Platform System XCamera.ashx sql injection — Smart Integrated Management Platform System | 7.3 | High | 2026-02-20 |
| CVE-2026-2820 | Fujian Smart Integrated Management Platform System XAccessPermissionPlus.ashx sql injection — Smart Integrated Management Platform System | 7.3 | High | 2026-02-20 |
| CVE-2026-26990 | LibreNMS has Time-Based Blind SQL Injection in address-search.inc.php — librenms | 8.8 | High | 2026-02-20 |
| CVE-2026-26988 | LibreNMS: SQL Injection in ajax_table.php spreads through a covert data stream — librenms | 9.8 | - | 2026-02-20 |
| CVE-2026-26980 | Ghost has a SQL Injection in its Content API — Ghost | 9.4 | Critical | 2026-02-20 |
| CVE-2026-2435 | ASSET-7706 — Asset | 6.3 | Medium | 2026-02-19 |
| CVE-2026-2409 | Delinea Cloud Suite security vulnerability — Cloud Suite | 9.8 (AI) | Critical (AI) | 2026-02-19 |
| CVE-2026-1581 | wpForo Forum <= 2.4.14 - Unauthenticated Time-Based SQL Injection — wpForo Forum | 7.5 | High | 2026-02-19 |
| CVE-2026-2232 | Product Table and List Builder for WooCommerce Lite <= 4.6.2 - Unauthenticated Time-Based SQL Injection via 'search' Parameter — Product Table and List Builder for WooCommerce Lite | 7.5 | High | 2026-02-19 |
| CVE-2025-15560 | SQL Injection in NesterSoft WorkTime — WorkTime (on-prem/cloud) | 6.5 (AI) | Medium (AI) | 2026-02-19 |
| CVE-2026-25418 | WordPress Bit Form plugin <= 2.21.10 - SQL Injection vulnerability — Bit Form | 7.6 | High | 2026-02-19 |
| CVE-2026-25378 | WordPress Nelio AB Testing plugin <= 8.2.4 - SQL Injection vulnerability — Nelio AB Testing | 7.6 | High | 2026-02-19 |
| CVE-2026-23805 | WordPress Media Search Enhanced plugin <= 0.9.1 - SQL Injection vulnerability — Media Search Enhanced | 7.6 | High | 2026-02-19 |
| CVE-2026-2706 | code-projects Patient Record Management System fecalysis_not.php sql injection — Patient Record Management System | 6.3 | Medium | 2026-02-19 |
| CVE-2026-0722 | Shield Security <= 21.0.8 - Cross-Site Request Forgery to SQL Injection — Shield: Blocks Bots, Protects Users, and Prevents Security Breaches | 6.5 | Medium | 2026-02-19 |
| CVE-2025-12707 | Library Management System <= 3.2.1 - Unauthenticated SQL Injection — Library Management System | 7.5 | High | 2026-02-19 |
| CVE-2026-2691 | itsourcecode Event Management System manage_register.php sql injection — Event Management System | 7.3 | High | 2026-02-19 |
| CVE-2026-2690 | itsourcecode Event Management System Admin Login ajax.php sql injection — Event Management System | 7.3 | High | 2026-02-19 |
| CVE-2026-2689 | itsourcecode Event Management System manage_booking.php sql injection — Event Management System | 7.3 | High | 2026-02-19 |
| CVE-2025-15585 | FileFlows security vulnerability — fileflows | 8.8 (AI) | High (AI) | 2026-02-18 |
| CVE-2026-2682 | Tsinghua Unigroup Electronic Archives System prinReport.html sql injection — Electronic Archives System | 6.3 | Medium | 2026-02-18 |
| CVE-2025-12812 | Cloud Suite and Privilege Access Service – SQL Injection — Cloud Suite and Privileged Access Service | 9.8 (AI) | Critical (AI) | 2026-02-18 |
| CVE-2026-27179 | MajorDoMo Unauthenticated SQL Injection in Commands Module — MajorDoMo | 8.2 | High | 2026-02-18 |
| CVE-2026-2663 | Alixhan xh-admin-backend Database Query query sql injection — xh-admin-backend | 6.3 | Medium | 2026-02-18 |
| CVE-2025-59920 | SQL injection in time@work from systems@work — time at work | 8.8 (AI) | High (AI) | 2026-02-18 |
| CVE-2026-1317 | WP Import – Ultimate CSV XML Importer for WordPress <= 7.37 - Authenticated (Subscriber+) SQL Injection via File Name — WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPress | 6.5 | Medium | 2026-02-18 |
| CVE-2025-8781 | Bookster – WordPress Appointment Booking Plugin <= 2.1.1 - Authenticated (Administrator+) SQL Injection via 'raw' — Bookster – WordPress Appointment Booking Plugin | 4.9 | Medium | 2026-02-18 |
| CVE-2026-2495 | WPNakama <= 0.6.5 - Unauthenticated SQL Injection via 'order' REST API Parameter — WPNakama – Team and multi-Client Collaboration, Editorial and Project Management | 7.5 | High | 2026-02-18 |
| CVE-2026-1639 | Taskbuilder <= 5.0.2 - Authenticated (Subscriber+) SQL Injection via 'order' and 'sort_by' Parameters — Taskbuilder – Project Management & Task Management Tool With Kanban Board | 6.5 | Medium | 2026-02-18 |

8861 CVEs are classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.