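CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8815

8815 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.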

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-34455 | Hi.Events: SQL Injection via Unvalidated sort_by Query Parameter in Multiple Repository Classes — Hi.Events | 9.8 (AI) | Critical (AI) | 2026-04-01 |
| CVE-2026-34747 | Payload has an SQL Injection via Query Handling — payload | 8.5 | High | 2026-04-01 |
| CVE-2026-21630 | Joomla! Core - [20260302] - SQL injection in com_content articles webservice endpoint — Joomla! CMS | 9.8 (AI) | Critical (AI) | 2026-04-01 |
| CVE-2026-5257 | code-projects Simple Laundry System Parameter delstaffinfo.php sql injection — Simple Laundry System | 7.3 | High | 2026-04-01 |
| CVE-2026-5256 | code-projects Simple Laundry System Parameter modify.php sql injection — Simple Laundry System | 7.3 | High | 2026-04-01 |
| CVE-2025-13855 | IBM Storage Protect Server is affected by a vulnerability that could allow authenticated users to access administrative metadata through the JSON-RPC endpoint. — Storage Protect Server | 7.6 | High | 2026-04-01 |
| CVE-2026-5238 | itsourcecode Payroll Management System Parameter view_employee.php sql injection — Payroll Management System | 7.3 | High | 2026-03-31 |
| CVE-2026-4668 | Amelia <= 2.1.2 - Authenticated (Manager+) SQL Injection via 'sort' Parameter — Booking for Appointments and Events Calendar – Amelia | 6.5 | Medium | 2026-03-31 |
| CVE-2026-5237 | itsourcecode Payroll Management System Parameter manage_user.php sql injection — Payroll Management System | 7.3 | High | 2026-03-31 |
| CVE-2026-34400 | alerta-server has potential SQL Injection vulnerability in Query String Syntax (q=) API — alerta | 9.8 | - | 2026-03-31 |
| CVE-2026-5206 | code-projects Simple Gym Management System Payment sql injection — Simple Gym Management System | 6.3 | Medium | 2026-03-31 |
| CVE-2026-34220 | MikroORM is vulnerable to SQL Injection via specially crafted object — mikro-orm | 9.8 (AI) | Critical (AI) | 2026-03-31 |
| CVE-2026-5198 | code-projects Student Membership System Admin Login index.php sql injection — Student Membership System | 7.3 | High | 2026-03-31 |
| CVE-2026-5197 | code-projects Student Membership System delete_user.php sql injection — Student Membership System | 6.3 | Medium | 2026-03-31 |
| CVE-2026-4317 | SQL inyection in Umami Software application — Umami Software | 8.8 (AI) | High (AI) | 2026-03-31 |
| CVE-2026-5196 | code-projects Student Membership System delete_member.php sql injection — Student Membership System | 6.3 | Medium | 2026-03-31 |
| CVE-2026-5195 | code-projects Student Membership System User Registration sql injection — Student Membership System | 7.3 | High | 2026-03-31 |
| CVE-2026-5182 | SourceCodester Teacher Record System Parameter sql injection — Teacher Record System | 7.3 | High | 2026-03-31 |
| CVE-2026-5180 | SourceCodester Simple Doctors Appointment System ajax.php sql injection — Simple Doctors Appointment System | 7.3 | High | 2026-03-31 |
| CVE-2026-5179 | SourceCodester Simple Doctors Appointment System login.php sql injection — Simple Doctors Appointment System | 7.3 | High | 2026-03-31 |
| CVE-2026-32714 | SciTokens vulnerable to SQL Injection in KeyCache — scitokens | 9.8 | Critical | 2026-03-31 |
| CVE-2026-27697 | baserCMS: SQL injection vulnerability in blog post — basercms | 9.8 (AI) | Critical (AI) | 2026-03-31 |
| CVE-2026-5150 | code-projects Accounting System Parameter viewin_costumer.php sql injection — Accounting System | 7.3 | High | 2026-03-30 |
| CVE-2026-5148 | YunaiV yudao-cloud page sql injection — yudao-cloud | 4.7 | Medium | 2026-03-30 |
| CVE-2026-31799 | Tautulli: SQL Injection in get_home_stats API endpoint via unsanitised filter parameters — Tautulli | 4.9 | Medium | 2026-03-30 |
| CVE-2026-5147 | YunaiV yudao-cloud get-by-website sql injection — yudao-cloud | 7.3 | High | 2026-03-30 |
| CVE-2026-5035 | code-projects Accounting System Parameter view_work.php sql injection — Accounting System | 7.3 | High | 2026-03-29 |
| CVE-2026-5034 | code-projects Accounting System Parameter edit_costumer.php sql injection — Accounting System | 7.3 | High | 2026-03-29 |
| CVE-2026-5033 | code-projects Accounting System Parameter view_costumer.php sql injection — Accounting System | 7.3 | High | 2026-03-29 |
| CVE-2026-5019 | code-projects Simple Food Order System Parameter all-orders.php sql injection — Simple Food Order System | 7.3 | High | 2026-03-28 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8815 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.