Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

type:sqli — CVE vulnerabilities tagged 21170

21170 CVE security advisories tagged "type:sqli" with AI Chinese analysis, CVSS, references and POCs.

The tag "type:sqli" identifies vulnerabilities classified as SQL Injection, a critical web security flaw where attackers interfere with the queries an application makes to its database. This occurs when untrusted data is concatenated into SQL commands without proper sanitization or parameterization, allowing malicious users to execute arbitrary database operations. Such injections can lead to severe consequences, including unauthorized data access, modification, or deletion, and potentially full system compromise. Typical scenarios involve vulnerable login forms, search fields, or URL parameters where user input is directly embedded into backend queries. With over 20,000 associated CVEs, this persistent threat underscores the necessity of implementing robust input validation, prepared statements, and strict database access controls to mitigate risks and protect sensitive information from exploitation.

CVE IDTitleCVSSSeverityPublished
CVE-2019-25761 Joomla! Component JoomCRM 1.1.1 SQL Injection via deal_id — JoomCRMCWE-89 7.1 High2026-06-19
CVE-2019-25759 Joomla! Component vBizz 1.0.7 SQL Injection — vBizzCWE-89 7.1 High2026-06-19
CVE-2019-25757 Joomla vWishlist 1.0.1 SQL Injection via vproductid Parameter — vWishlistCWE-89 7.1 High2026-06-19
CVE-2019-25756 Joomla! Component vAccount 2.0.2 SQL Injection via vaccount-dashboard — vAccountCWE-89 8.2 High2026-06-19
CVE-2019-25755 Joomla vReview 1.9.11 SQL Injection via editReview — vReviewCWE-89 8.2 High2026-06-19
CVE-2019-25754 Joomla vRestaurant 1.9.4 SQL Injection via menu-listing-layout — vRestaurantCWE-89 8.2 High2026-06-19
CVE-2019-25753 Joomla! Component VMap 1.9.6 SQL Injection via loadmarker — VMapCWE-89 8.2 High2026-06-19
CVE-2019-25752 Joomla! Component J-BusinessDirectory 4.9.7 SQL Injection — J-BusinessDirectoryCWE-89 8.2 High2026-06-19
CVE-2019-25751 Joomla J-ClassifiedsManager 3.0.5 SQL Injection — ClassifiedsManagerCWE-89 8.2 High2026-06-19
CVE-2019-25750 Joomla J-MultipleHotelReservation 6.0.7 SQL Injection — MultipleHotelReservationCWE-89 8.2 High2026-06-19
CVE-2019-25749 Joomla J-CruisePortal 6.0.4 SQL Injection via cruises — J-CruisePortalCWE-89 7.1 High2026-06-19
CVE-2019-25748 Joomla JHotelReservation 6.0.7 SQL Injection via search-hotels — JHotelReservationCWE-89 8.2 High2026-06-19
CVE-2017-20282 Joomla! Component jCart for OpenCart 2.0 SQL Injection — jCart for OpenCartCWE-89 8.2 High2026-06-19
CVE-2017-20281 Joomla! Component Extra Search 2.2.8 SQL Injection — Extra SearchCWE-89 8.2 High2026-06-19
CVE-2017-20280 Joomla Component Myportfolio 3.0.2 SQL Injection via pid Parameter — MyportfolioCWE-89 8.2 High2026-06-19
CVE-2017-20279 Joomla Payage 2.05 SQL Injection via aid Parameter — Joomla PayageCWE-89 8.2 High2026-06-19
CVE-2017-20278 Joomla JoomRecipe 1.0.3 SQL Injection via category parameter — JoomRecipeCWE-89 8.2 High2026-06-19
CVE-2017-20277 Joomla JoomRecipe 1.0.4 Component Blind SQL Injection via search_author — Joomla JoomRecipeCWE-89 8.2 High2026-06-19
CVE-2017-20276 Joomla! Component SIMGenealogy 2.1.5 SQL Injection — SIMGenealogyCWE-89 8.2 High2026-06-19
CVE-2017-20275 Joomla! Component PHP-Bridge 1.2.3 SQL Injection via id Parameter — BridgeCWE-89 8.2 High2026-06-19
CVE-2017-20274 Joomla LMS King Professional 3.2.4.0 SQL Injection via learningpath — LMS King ProfessionalCWE-89 8.2 High2026-06-19
CVE-2017-20273 Joomla Event Registration Pro Calendar 4.1.3 SQL Injection — Event Registration Pro CalendarCWE-89 8.2 High2026-06-19
CVE-2017-20272 Joomla Ultimate Property Listing 1.0.2 SQL Injection via sf_selectuser_id — Ultimate Property ListingCWE-89 8.2 High2026-06-19
CVE-2017-20271 Joomla StreetGuessr Game 1.1.8 SQL Injection via catid — StreetGuessr GameCWE-89 8.2 High2026-06-19
CVE-2017-20270 Joomla! Component Twitch Tv 1.1 SQL Injection — Twitch TvCWE-89 8.2 High2026-06-19
CVE-2017-20269 Joomla! Component KissGallery 1.0.0 SQL Injection — KissGalleryCWE-89 8.2 High2026-06-19
CVE-2017-20268 Joomla! Component Zap Calendar Lite 4.3.4 SQL Injection — Zap Calendar LiteCWE-89 8.2 High2026-06-19
CVE-2017-20267 Joomla! Component Calendar Planner 1.0.1 SQL Injection — Calendar PlannerCWE-89 8.2 High2026-06-19
CVE-2017-20266 Joomla SP Movie Database 1.3 SQL Injection via searchword — SP Movie DatabaseCWE-89 8.2 High2026-06-19
CVE-2017-20265 Joomla! Component Flip Wall 8.0 SQL Injection — Flip WallCWE-89 7.1 High2026-06-19

Vulnerabilities classified as type:sqli represent 21170 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.