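CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8873

8873 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.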

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-46248 | WordPress Frontend Dashboard plugin <= 2.2.5 - SQL Injection Vulnerability — Frontend Dashboard | 9.3 | Critical | 2025-04-24 |
| CVE-2025-3872 | Privilege escalation by altering payload in contact form — Centreon | 7.2 | High | 2025-04-24 |
| CVE-2025-3280 | ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes <= 1.4.9 - Authenticated (Subscriber+) SQL Injection — ELEX WooCommerce Bulk Edit Products, Prices & Attributes (Basic) | 6.5 | Medium | 2025-04-24 |
| CVE-2025-1520 | PostHog ClickHouse Table Functions SQL Injection Remote Code Execution Vulnerability — PostHog | 8.0 | - | 2025-04-23 |
| CVE-2025-32969 | org.xwiki.platform:xwiki-platform-rest-server allows SQL injection in query endpoint of REST API — xwiki-platform | 9.8 | - | 2025-04-23 |
| CVE-2025-32968 | org.xwiki.platform:xwiki-platform-oldcore allows SQL injection in short form select requests through the script query API — xwiki-platform | 8.8 | - | 2025-04-23 |
| CVE-2025-3767 | SQL Injection in Centreon BAM boolean KPI listing — Centreon BAM | 7.2 | High | 2025-04-22 |
| CVE-2025-23176 | Tecnick – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') — TCExam | 8.8 | High | 2025-04-22 |
| CVE-2025-46252 | WordPress Message Filter for Contact Form 7 plugin <= 1.6.3.2 - SQL Injection vulnerability — Message Filter for Contact Form 7 | 7.6 | High | 2025-04-22 |
| CVE-2025-46242 | WordPress Watu Quiz plugin <= 3.4.3 - SQL Injection Vulnerability — Watu Quiz | 7.6 | High | 2025-04-22 |
| CVE-2025-3856 | xxyopen Novel-Plus searchByPage sql injection — Novel-Plus | 6.3 | Medium | 2025-04-22 |
| CVE-2025-3847 | markparticle WebServer Login httprequest.cpp sql injection — WebServer | 7.3 | High | 2025-04-21 |
| CVE-2025-3846 | markparticle WebServer Registration httprequest.cpp sql injection — WebServer | 7.3 | High | 2025-04-21 |
| CVE-2025-32956 | ManageWiki has SQL injection vulnerability in NamespaceMigrationJob — ManageWiki | 8.0 | High | 2025-04-21 |
| CVE-2025-25228 | Extension - virtuemart.net - SQL injection in VirtueMart component 1.0.0 - 4.4.7 for Joomla — Virtuemart component for Joomla | 7.2 | - | 2025-04-21 |
| CVE-2025-3829 | PHPGurukul Men Salon Management System sales-reports-detail.php sql injection — Men Salon Management System | 7.3 | High | 2025-04-20 |
| CVE-2025-3828 | PHPGurukul Men Salon Management System view-appointment.php sql injection — Men Salon Management System | 7.3 | High | 2025-04-20 |
| CVE-2025-3827 | PHPGurukul Men Salon Management System forgot-password.php sql injection — Men Salon Management System | 7.3 | High | 2025-04-20 |
| CVE-2025-3819 | PHPGurukul Men Salon Management System search-appointment.php sql injection — Men Salon Management System | 7.3 | High | 2025-04-19 |
| CVE-2025-3818 | webpy web.py db.py PostgresDB._process_insert_query sql injection — web.py | 6.3 | Medium | 2025-04-19 |
| CVE-2025-3817 | SourceCodester Online Eyewear Shop Master.php sql injection — Online Eyewear Shop | 6.3 | Medium | 2025-04-19 |
| CVE-2025-3800 | WCMS AnonymousController.php sql injection — WCMS | 7.3 | High | 2025-04-19 |
| CVE-2025-3799 | WCMS AnonymousController.php sql injection — WCMS | 7.3 | High | 2025-04-19 |
| CVE-2025-3797 | SeaCMS admin_topic.php sql injection — SeaCMS | 4.7 | Medium | 2025-04-19 |
| CVE-2025-2010 | JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin <= 2.3.9 - Unauthenticated SQL Injection — JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin | 7.5 | High | 2025-04-19 |
| CVE-2025-3796 | PHPGurukul Men Salon Management System contact-us.php sql injection — Men Salon Management System | 6.3 | Medium | 2025-04-18 |
| CVE-2025-32389 | NamelessMC Vulnerable to SQL Injections in /user/messaging and /panel/users/reports Pages — Nameless | 9.8 | - | 2025-04-18 |
| CVE-2025-3792 | SeaCMS admin_link.php sql injection — SeaCMS | 4.7 | Medium | 2025-04-18 |
| CVE-2025-39471 | WordPress Modal Survey plugin <= 2.0.2.0.1 - SQL Injection vulnerability — Modal Survey | 9.3 | Critical | 2025-04-18 |
| CVE-2025-27302 | WordPress CHATLIVE plugin <= 2.0.1 - SQL Injection vulnerability — CHATLIVE | 9.3 | Critical | 2025-04-17 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8873 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.