CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8815

8815 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-39318 | ChurchCRM has a DDL SQL Injection in GroupPropsFormRowOps.php — CRM | 8.8 | High | 2026-04-07 |
| CVE-2026-23696 | Windmill < 1.603.3 File Ownership Handling SQLi RCE — Windmill CE (Community Edition) | 9.9 | Critical | 2026-04-07 |
| CVE-2026-35614 | Frappe has a SQL injection in bulk_update — frappe | 8.8 (AI) | High (AI) | 2026-04-07 |
| CVE-2026-5372 | runZero Platform SQL injection in saved queries — Platform | 6.4 | Medium | 2026-04-07 |
| CVE-2026-5719 | itsourcecode Construction Management System borrowedtool.php sql injection — Construction Management System | 6.3 | Medium | 2026-04-07 |
| CVE-2026-35395 | WeGIA has a SQL Injection in DespachoDAO.php via id_memorando parameter — WeGIA | 8.8 | High | 2026-04-06 |
| CVE-2026-35184 | EcclesiaCRM has a Critical SQL Injection — ecclesiacrm | 8.8 (AI) | High (AI) | 2026-04-06 |
| CVE-2026-5681 | itsourcecode sanitize or validate this input Parameter borrowedequip.php sql injection — sanitize or validate this input | 6.3 | Medium | 2026-04-06 |
| CVE-2026-5675 | itsourcecode Construction Management System Parameter borrowed_tool.php sql injection — Construction Management System | 6.3 | Medium | 2026-04-06 |
| CVE-2026-5672 | code-projects Simple IT Discussion Forum Parameter edit-category.php sql injection — Simple IT Discussion Forum | 7.3 | High | 2026-04-06 |
| CVE-2026-35470 | OpenSTAManager has a SQL Injection via righe Parameter in confronta_righe Modals — openstamanager | 8.8 | High | 2026-04-06 |
| CVE-2026-5669 | Cyber-III Student-Management-System Parameter login.php sql injection — Student-Management-System | 7.3 | High | 2026-04-06 |
| CVE-2026-5665 | code-projects Online FIR System Login checklogin.php sql injection — Online FIR System | 7.3 | High | 2026-04-06 |
| CVE-2026-34885 | WordPress Media LIbrary Assistant plugin <= 3.34 - SQL Injection vulnerability — Media LIbrary Assistant | 8.5 | High | 2026-04-06 |
| CVE-2026-29047 | GLPI has an Authenticated SQL Injection via log exports — glpi | 7.2 | High | 2026-04-06 |
| CVE-2026-26263 | GLPI has an Unauthenticated SQL Injection via Search engine — glpi | 8.1 | High | 2026-04-06 |
| CVE-2026-5660 | itsourcecode Construction Management System Parameter borrowed_equip.php sql injection — Construction Management System | 6.3 | Medium | 2026-04-06 |
| CVE-2026-5649 | code-projects Online Application System for Admission Endpoint admsnform.php sql injection — Online Application System for Admission | 6.3 | Medium | 2026-04-06 |
| CVE-2026-5648 | code-projects Simple Laundry System Parameter userfinishregister.php sql injection — Simple Laundry System | 7.3 | High | 2026-04-06 |
| CVE-2026-5646 | code-projects Easy Blog Site login.php sql injection — Easy Blog Site | 7.3 | High | 2026-04-06 |
| CVE-2026-5645 | projectworlds Car Rental System Parameter pay.php sql injection — Car Rental System | 7.3 | High | 2026-04-06 |
| CVE-2026-5641 | PHPGurukul Online Shopping Portal Project Parameter update-image1.php sql injection — Online Shopping Portal Project | 6.3 | Medium | 2026-04-06 |
| CVE-2026-5640 | PHPGurukul Online Shopping Portal Project Parameter update-image2.php sql injection — Online Shopping Portal Project | 6.3 | Medium | 2026-04-06 |
| CVE-2026-5639 | PHPGurukul Online Shopping Portal Project Parameter update-image3.php sql injection — Online Shopping Portal Project | 6.3 | Medium | 2026-04-06 |
| CVE-2026-5637 | projectworlds Car Rental System Parameter message_admin.php sql injection — Car Rental System | 7.3 | High | 2026-04-06 |
| CVE-2026-5636 | PHPGurukul Online Shopping Portal Project Parameter cancelorder.php sql injection — Online Shopping Portal Project | 6.3 | Medium | 2026-04-06 |
| CVE-2026-5635 | PHPGurukul Online Shopping Portal Project Parameter categorywise-products.php sql injection — Online Shopping Portal Project | 6.3 | Medium | 2026-04-06 |
| CVE-2026-5634 | projectworlds Car Rental Project Parameter book_car.php sql injection — Car Rental Project | 7.3 | High | 2026-04-06 |
| CVE-2026-5620 | itsourcecode Construction Management System Parameter borrowed_equip_report.php sql injection — Construction Management System | 6.3 | Medium | 2026-04-06 |
| CVE-2026-5606 | PHPGurukul Online Shopping Portal Project Parameter order-details.php sql injection — Online Shopping Portal Project | 6.3 | Medium | 2026-04-06 |

8815 CVEs are classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.