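CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8864

8864 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.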

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-6822 | code-projects Inventory Management System removeProduct.php sql injection — Inventory Management System | 7.3 | High | 2025-06-28 |
| CVE-2025-6821 | code-projects Inventory Management System createOrder.php sql injection — Inventory Management System | 7.3 | High | 2025-06-28 |
| CVE-2025-6820 | code-projects Inventory Management System createProduct.php sql injection — Inventory Management System | 7.3 | High | 2025-06-28 |
| CVE-2025-6819 | code-projects Inventory Management System removeBrand.php sql injection — Inventory Management System | 7.3 | High | 2025-06-28 |
| CVE-2025-6777 | code-projects Food Distributor Site process_login.php sql injection — Food Distributor Site | 7.3 | High | 2025-06-27 |
| CVE-2024-12143 | SQLi in Mobilteg Mobile Informatics' Mikro Hand Terminal - MikroDB — Mikro Hand Terminal - MikroDB | 9.8 | Critical | 2025-06-27 |
| CVE-2024-12150 | SQLi in Eron Software's Wowwo CRM — Wowwo CRM | 9.8 | Critical | 2025-06-27 |
| CVE-2024-12364 | SQLi in Mavi Yeşil Software's Guest Tracking Software — Guest Tracking Software | 9.8 | Critical | 2025-06-27 |
| CVE-2024-11739 | SQLi in Case Informatics' Case ERP — Case ERP | 9.8 | Critical | 2025-06-27 |
| CVE-2025-53091 | WeGIA has Unauthenticated Time-Based Blind SQL Injection in almox Parameter — WeGIA | 9.8 (AI) | Critical (AI) | 2025-06-27 |
| CVE-2025-6768 | sfturing hosp_order HospitalServiceImpl.java findAllHosByCondition sql injection — hosp_order | 6.3 | Medium | 2025-06-27 |
| CVE-2025-53306 | WordPress WP Forum Server plugin <= 1.8.2 - SQL Injection Vulnerability — WP Forum Server | 7.6 | High | 2025-06-27 |
| CVE-2025-53258 | WordPress Hover Effects plugin <= 2.1.2 - SQL Injection Vulnerability — Hover Effects | 7.6 | High | 2025-06-27 |
| CVE-2025-53256 | WordPress YaySMTP plugin <= 2.6.6 - SQL Injection Vulnerability — YaySMTP | 7.6 | High | 2025-06-27 |
| CVE-2025-6767 | sfturing hosp_order DoctorServiceImpl.java findDoctorByCondition sql injection — hosp_order | 6.3 | Medium | 2025-06-27 |
| CVE-2025-6766 | sfturing hosp_order OfficeServiceImpl.java getOfficeName sql injection — hosp_order | 6.3 | Medium | 2025-06-27 |
| CVE-2025-39474 | WordPress Amely theme <= 3.1.4 - SQL Injection vulnerability — Amely | 9.3 | Critical | 2025-06-27 |
| CVE-2025-52717 | WordPress LifterLMS plugin <= 8.0.6 - SQL Injection Vulnerability — LifterLMS | 9.3 | Critical | 2025-06-27 |
| CVE-2025-52722 | WordPress Classiera theme <= 4.0.34 - SQL Injection Vulnerability — Classiera | 9.3 | Critical | 2025-06-27 |
| CVE-2025-52829 | WordPress DirectIQ Email Marketing plugin <= 2.0 - SQL Injection Vulnerability — DirectIQ Email Marketing | 9.3 | Critical | 2025-06-27 |
| CVE-2025-52834 | WordPress Homey theme <= 2.4.7 - SQL Injection vulnerability — Homey | 9.3 | Critical | 2025-06-27 |
| CVE-2025-23967 | WordPress GG Bought Together for WooCommerce plugin <= 1.0.2 - SQL Injection Vulnerability — GG Bought Together for WooCommerce | 9.3 | Critical | 2025-06-27 |
| CVE-2025-6753 | huija bicycleSharingServer AdminController.java selectAdminByNameLike sql injection — bicycleSharingServer | 6.3 | Medium | 2025-06-27 |
| CVE-2025-6749 | huija bicycleSharingServer AdminController.java searchAdminMessageShow sql injection — bicycleSharingServer | 6.3 | Medium | 2025-06-27 |
| CVE-2025-6738 | huija bicycleSharingServer UserServiceImpl.java userDao.selectUserByUserNameLike sql injection — bicycleSharingServer | 6.3 | Medium | 2025-06-27 |
| CVE-2025-53122 | SQLi in OpenNMS Horizon and Meridian — Horizon | 8.8 (AI) | High (AI) | 2025-06-26 |
| CVE-2025-5590 | Owl carousel responsive <= 1.9 - Authenticated (Contributor+) SQL Injection via id Parameter — Owl carousel responsive | 8.8 | High | 2025-06-26 |
| CVE-2025-6668 | code-projects Inventory Management System fetchSelectedBrand.php sql injection — Inventory Management System | 7.3 | High | 2025-06-25 |
| CVE-2025-6665 | code-projects Inventory Management System editBrand.php sql injection — Inventory Management System | 7.3 | High | 2025-06-25 |
| CVE-2025-6612 | code-projects Inventory Management System removeCategories.php sql injection — Inventory Management System | 7.3 | High | 2025-06-25 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8864 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.