Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8861

8861 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-2576 Business Directory Plugin <= 6.4.21 - Unauthenticated SQL Injection via payment Parameter — Business Directory Plugin – Easy Listing Directories for WordPress 7.5 High2026-02-18
CVE-2026-2621 Sciyon Koyuan Thermoelectricity Heat Network Management System AsyncTreeProxy.aspx sql injection — Koyuan Thermoelectricity Heat Network Management System 7.3 High2026-02-17
CVE-2026-2620 Huace Monitoring and Early Warning System ProjectRole.aspx sql injection — Monitoring and Early Warning System 7.3 High2026-02-17
CVE-2025-7631 Time-Based Blind SQLi in Tumeva Internet Technologies' Tumeva Prime News Software — Tumeva Prime News Software 8.6 High2026-02-17
CVE-2026-2247 SQL Injection in Clickedu's SaaS platform — SaaS platform 8.8AIHighAI2026-02-17
CVE-2026-2553 tushar-2223 Hotel-Management-System HTTP POST Request home.php sql injection — Hotel-Management-System 6.3 Medium2026-02-16
CVE-2026-1258 Mail Mint <= 1.19.2 - Authenticated (Administrator+) SQL Injection via Multiple API Endpoints — Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails 4.9 Medium2026-02-14
CVE-2026-2024 PhotoStack Gallery <= 0.4.1 - Unauthenticated SQL Injection via 'postid' Parameter — PhotoStack Gallery 7.5 High2026-02-14
CVE-2019-25335 PRO-7070 Hazır Profesyonel Web Sitesi 1.0 - Authentication Bypass — 7070 Hazır Profesyonel Web Sitesi 7.5 High2026-02-12
CVE-2019-25325 Thrive Smart Home 1.1 - 'Smart Home' Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') — Smart Home 8.2 High2026-02-12
CVE-2019-25320 elearning-script 1.0 - Authentication Bypass — elearning-script 6.5 Medium2026-02-12
CVE-2019-25347 thesystem App 1.0 - 'username' SQL Injection — thesystem 7.5 High2026-02-12
CVE-2019-25346 thesystem 1.0 - 'server_name' SQL Injection — thesystem 7.5 High2026-02-12
CVE-2026-22821 mreporting affected by a SQLI on date change — mreporting 4.9 Medium2026-02-12
CVE-2025-10969 SQLi in Farktor Software's E-Commerce Package — E-Commerce Package 9.8 Critical2026-02-12
CVE-2025-13431 SlimStat Analytics <= 5.3.1 - Authenticated (Subscriber+) SQL Injection via `args` Parameter — SlimStat Analytics 6.5 Medium2026-02-11
CVE-2026-25993 EverShop has a Second-Order SQL Injection in URL Rewrite Processing Derived from Category URL Keys — evershop 9.8AICriticalAI2026-02-10
CVE-2026-25947 Worklenz Boolean-Based Blind SQL Injection via Improper ORDER BY Clause Input Validation — worklenz 8.8 High2026-02-10
CVE-2026-1602 Ivanti Endpoint Manager SQL注入漏洞 — Endpoint Manager 6.5 Medium2026-02-10
CVE-2025-7636 SQLi in Ergosis Security Systems' ZEUS PDKS — ZEUS PDKS 8.8 High2026-02-10
CVE-2026-2094 Flowring|Docpedia - SQL Injection — Docpedia 8.8 High2026-02-10
CVE-2026-2093 Flowring|Docpedia - SQL Injection — Docpedia 7.5 High2026-02-10
CVE-2026-25495 Craft has a SQL Injection in Element Indexes via criteria[orderBy] — cms 8.8AIHighAI2026-02-09
CVE-2025-6830 SQLi in Xpoda Türkiye Information Technology's Password Module — Password Module 9.8 Critical2026-02-09
CVE-2026-2225 itsourcecode News Portal Project Administrator Login index.php sql injection — News Portal Project 7.3 High2026-02-09
CVE-2026-2223 code-projects Online Reviewer System index.php sql injection — Online Reviewer System 7.3 High2026-02-09
CVE-2026-2236 HGiga|C&Cm@il - SQL Injection — C&Cm@il package olln-base 7.5 High2026-02-09
CVE-2026-2235 HGiga|C&Cm@il - SQL Injection — C&Cm@il package olln-base 6.5 Medium2026-02-09
CVE-2026-2221 code-projects Online Reviewer System Login index.php sql injection — Online Reviewer System 7.3 High2026-02-09
CVE-2026-2220 code-projects Online Reviewer System btn_functions.php sql injection — Online Reviewer System 7.3 High2026-02-09

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8861 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.