Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8867

8867 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-6293 code-projects Hostel Management System contact_manager.php sql injection — Hostel Management System 7.3 High2025-06-20
CVE-2025-6277 Brilliance Golden Link Secondary System custTakeInfoPage.htm sql injection — Golden Link Secondary System 6.3 Medium2025-06-19
CVE-2025-6276 Brilliance Golden Link Secondary System rentTakeInfoPage.htm sql injection — Golden Link Secondary System 6.3 Medium2025-06-19
CVE-2025-6267 zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 barcodeDetail sql injection — ADP Application Developer Platform 应用开发者平台 6.3 Medium2025-06-19
CVE-2025-4738 Authenticated SQLi in Yirmibes Software's MY ERP — MY ERP 9.8 Critical2025-06-19
CVE-2025-52474 WeGIA SQL Injection Vulnerability in id Parameter on control.php Endpoint — WeGIA 9.1AICriticalAI2025-06-19
CVE-2025-49218 Trend Micro Endpoint Encryption PolicyServer 安全漏洞 — Trend Micro Endpoint Encryption Policy Server 7.7 High2025-06-17
CVE-2025-49211 Trend Micro Endpoint Encryption PolicyServer 安全漏洞 — Trend Micro Endpoint Encryption Policy Server 7.7 High2025-06-17
CVE-2025-49452 WordPress PostaPanduri plugin <= 2.1.3 - SQL Injection Vulnerability — PostaPanduri 9.3 Critical2025-06-17
CVE-2025-28972 WordPress WP Employee Attendance System plugin <= 3.5 - SQL Injection Vulnerability — WP Employee Attendance System 7.6 High2025-06-17
CVE-2025-24773 WordPress WPCRM - CRM for Contact form CF7 & WooCommerce plugin <= 3.2.0 - SQL Injection Vulnerability — WPCRM - CRM for Contact form CF7 & WooCommerce 9.3 Critical2025-06-17
CVE-2025-30562 WordPress Navigation Tree Elementor plugin <= 1.0.1 - SQL Injection Vulnerability — Navigation Tree Elementor 8.5 High2025-06-17
CVE-2025-39479 WordPress Smart Notification Plugin <= 10.3 - SQL Injection vulnerability — Smart Notification 9.3 Critical2025-06-17
CVE-2025-39486 WordPress Rankie plugin < 1.8.2 - SQL Injection vulnerability — Rankie 8.5 High2025-06-17
CVE-2025-47573 WordPress School Management System Plugin <= 92.0.0 - SQL Injection vulnerability — School Management 9.3 Critical2025-06-17
CVE-2025-48118 WordPress Woocommerce Partial Shipment plugin <= 3.2 - SQL Injection Vulnerability — Woocommerce Partial Shipment 8.5 High2025-06-17
CVE-2025-48274 WordPress WP Job Portal plugin <= 2.3.2 - SQL Injection Vulnerability — WP Job Portal 9.3 Critical2025-06-17
CVE-2025-49854 WordPress Slim SEO plugin <= 4.5.4 - SQL Injection Vulnerability — Slim SEO 7.6 High2025-06-17
CVE-2025-6173 Webkul QloApps ajax_products_list.php sql injection — QloApps 4.7 Medium2025-06-17
CVE-2025-6160 SourceCodester Client Database Management System user_customer_create_order.php sql injection — Client Database Management System 7.3 High2025-06-17
CVE-2025-6159 code-projects Hostel Management System allocate_room.php sql injection — Hostel Management System 7.3 High2025-06-17
CVE-2025-6157 PHPGurukul Nipah Virus Testing Management System registered-user-testing.php sql injection — Nipah Virus Testing Management System 7.3 High2025-06-17
CVE-2025-6156 PHPGurukul Nipah Virus Testing Management System bwdates-report-ds.php sql injection — Nipah Virus Testing Management System 6.3 Medium2025-06-17
CVE-2025-6155 PHPGurukul Hostel Management System login-hm.inc.php sql injection — Hostel Management System 7.3 High2025-06-17
CVE-2025-6154 PHPGurukul Hostel Management System login.inc.php sql injection — Hostel Management System 7.3 High2025-06-17
CVE-2025-6153 PHPGurukul Hostel Management System students.php sql injection — Hostel Management System 7.3 High2025-06-17
CVE-2025-5673 Blog2Social <= 8.4.4 - Authenticated (Subscriber+) SQL Injection via `prgSortPostType` Parameter — Blog2Social: Social Media Auto Post & Scheduler 6.5 Medium2025-06-17
CVE-2025-6136 Projectworlds Life Insurance Management System insertPayment.php sql injection — Life Insurance Management System 6.3 Medium2025-06-16
CVE-2025-6135 Projectworlds Life Insurance Management System insertNominee.php sql injection — Life Insurance Management System 6.3 Medium2025-06-16
CVE-2025-6134 Projectworlds Life Insurance Management System insertClient.php sql injection — Life Insurance Management System 6.3 Medium2025-06-16

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8867 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.