CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8873

8873 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-3589 | SourceCodester Music Class Enrollment System manage_class.php sql injection — Music Class Enrollment System | 6.3 | Medium | 2025-04-14 |
| CVE-2025-22371 | SQL-injection in admin_login_handler allows unauthenticated user to log in as an administrator in SicommNet BASEC — BASEC | 9.8 (AI) | Critical (AI) | 2025-04-14 |
| CVE-2025-3571 | Fannuo Enterprise Content Management System 凡诺企业网站管理系统 cms_chip.php sql injection — Enterprise Content Management System 凡诺企业网站管理系统 | 6.3 | Medium | 2025-04-14 |
| CVE-2025-3559 | ghostxbh uzy-ssm-mall 20 ForeProductListController sql injection — uzy-ssm-mall | 6.3 | Medium | 2025-04-14 |
| CVE-2025-3553 | phpshe admin.php pe_delete sql injection — phpshe | 6.3 | Medium | 2025-04-14 |
| CVE-2025-3534 | PowerCreator CMS OpenPublicCourse.aspx sql injection — CMS | 6.3 | Medium | 2025-04-13 |
| CVE-2025-2128 | Cost Calculator Builder <= 3.2.67 - Authenticated (Subscriber+) SQL Injection via order_ids Parameter — Cost Calculator Builder | 6.5 | Medium | 2025-04-11 |
| CVE-2025-32681 | WordPress Error Log Viewer By WP Guru plugin <= 1.0.5 - SQL Injection vulnerability — Error Log Viewer | 8.5 | High | 2025-04-11 |
| CVE-2025-32650 | WordPress Accessibility Suite by Ability, Inc plugin <= 4.18 - SQL Injection vulnerability — Accessibility Suite | 8.5 | High | 2025-04-11 |
| CVE-2025-32618 | WordPress Wishlist plugin <= 1.0.46 - SQL Injection vulnerability — Wishlist | 8.5 | High | 2025-04-11 |
| CVE-2025-32603 | WordPress WP Online Users Stats plugin <= 1.0.0 - SQL Injection vulnerability — WP Online Users Stats | 9.3 | Critical | 2025-04-11 |
| CVE-2025-32565 | WordPress Neon Product Designer Plugin <= 2.2.0 - Unauthenticated SQL Injection vulnerability — Neon Product Designer | 9.3 | Critical | 2025-04-11 |
| CVE-2025-32567 | WordPress Easy Post Duplicator Plugin <= 1.0.1 - SQL Injection vulnerability — Easy Post Duplicator | 8.5 | High | 2025-04-11 |
| CVE-2025-32558 | WordPress Duplicate Title Checker Plugin <= 1.2 - SQL Injection vulnerability — Duplicate Title Checker | 8.5 | High | 2025-04-11 |
| CVE-2025-31599 | WordPress Bulk Product Sync plugin <= 8.6 - SQL Injection vulnerability — Bulk Product Sync | 9.3 | Critical | 2025-04-11 |
| CVE-2025-31565 | WordPress WPSmartContracts plugin <= 2.0.12 - SQL Injection vulnerability — WPSmartContracts | 9.3 | Critical | 2025-04-11 |
| CVE-2025-32119 | WordPress CardGate Payments for WooCommerce plugin <= 3.2.1 - SQL Injection vulnerability — CardGate Payments for WooCommerce | 8.2 | High | 2025-04-10 |
| CVE-2025-32128 | WordPress Nearby Locations Plugin <= 1.1.1 - SQL Injection vulnerability — Nearby Locations | 7.6 | High | 2025-04-10 |
| CVE-2025-32687 | WordPress Review Stars Count For WooCommerce plugin <= 2.0 - SQL Injection Vulnerability — Review Stars Count For WooCommerce | 8.5 | High | 2025-04-10 |
| CVE-2024-13909 | Accredible Certificates & Open Badges <= 1.4.9 - Authenticated (Administrator+) SQL Injection via orderby Parameter — Accredible Certificates & Open Badges | 4.9 | Medium | 2025-04-10 |
| CVE-2025-32550 | WordPress Click & Pledge Connect Plugin Plugin <= 2.24080000-WP6.6.1 - SQL Injection vulnerability — Click & Pledge Connect Plugin | 7.2 | High | 2025-04-09 |
| CVE-2025-32676 | WordPress Verowa Connect plugin <= 3.0.5 - SQL Injection vulnerability — Verowa Connect | 7.6 | High | 2025-04-09 |
| CVE-2025-32677 | WordPress WP Social Stream Designer plugin <= 1.3 - SQL Injection vulnerability — WP Social Stream Designer | 7.6 | High | 2025-04-09 |
| CVE-2025-32685 | WordPress WP Inquiries plugin <= 0.2.1 - SQL Injection Vulnerability — WP Inquiries | 7.6 | High | 2025-04-09 |
| CVE-2017-20197 | propanetank Roommate-Bill-Tracking login.php sql injection — Roommate-Bill-Tracking | 7.3 | High | 2025-04-09 |
| CVE-2025-25226 | [20250401] - Joomla Framework - SQL injection vulnerability in quoteNameStr method of Database package — Joomla! Framework | 9.8 (AI) | Critical (AI) | 2025-04-08 |
| CVE-2025-32020 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in crud-query-parser — crud-query-parser | 9.8 (AI) | Critical (AI) | 2025-04-08 |
| CVE-2025-22461 | Ivanti Endpoint Manager SQL injection vulnerability — Endpoint Manager | 7.2 | High | 2025-04-08 |
| CVE-2025-3436 | coreActivity: Activity Logging for WordPress <= 2.7 - Authenticated (Subscriber+) SQL Injection — coreActivity: Activity Logging for WordPress | 6.5 | Medium | 2025-04-08 |
| CVE-2025-3428 | 3DPrint Lite <=2.1.3.6 - Authenticated (Admin+) SQL Injection via 'coating_text' — 3DPrint Lite | 4.9 | Medium | 2025-04-08 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8873 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.