CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8873

8873 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-25222 | LuxSoft LuxCal Web Calendar SQL injection vulnerability — The LuxCal Web Calendar | 9.8 | - | 2025-02-18 |
| CVE-2025-25221 | LuxSoft LuxCal Web Calendar SQL injection vulnerability — The LuxCal Web Calendar | 9.8 | - | 2025-02-18 |
| CVE-2025-1381 | code-projects Real Estate Property Management System ajax_city.php sql injection — Real Estate Property Management System | 6.3 | Medium | 2025-02-17 |
| CVE-2025-1380 | Codezips Gym Management System del_plan.php sql injection — Gym Management System | 6.3 | Medium | 2025-02-17 |
| CVE-2025-1379 | code-projects Real Estate Property Management System CustomerReport.php sql injection — Real Estate Property Management System | 6.3 | Medium | 2025-02-17 |
| CVE-2025-1389 | Learning Digital Orca HCM - SQL Injection — Orca HCM | 8.8 | High | 2025-02-17 |
| CVE-2025-1374 | code-projects Real Estate Property Management System search.php sql injection — Real Estate Property Management System | 6.3 | Medium | 2025-02-17 |
| CVE-2025-26755 | WordPress WP Airbnb Review Slider Plugin <= 3.9 - SQL Injection vulnerability — WP Airbnb Review Slider | 7.6 | High | 2025-02-16 |
| CVE-2025-22290 | WordPress LTL Freight Quotes – FreightQuote Edition Plugin <= 2.3.11 - SQL Injection vulnerability — LTL Freight Quotes – FreightQuote Edition | 9.3 | Critical | 2025-02-16 |
| CVE-2025-1356 | needyamin Library Card System card.php sql injection — Library Card System | 6.3 | Medium | 2025-02-16 |
| CVE-2024-13488 | LTL Freight Quotes – Estes Edition <= 3.3.7 - Unauthenticated SQL Injection — LTL Freight Quotes – Estes Edition | 7.5 | High | 2025-02-15 |
| CVE-2024-13500 | WP Project Manager <= 2.6.17 - Authenticated (Subscriber+) SQL Injection via orderby Parameter — Project Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker | 6.5 | Medium | 2025-02-15 |
| CVE-2025-22208 | Extension - joomsky.com - SQL injection in JS jobs component version 1.1.5 - 1.4.3 for Joomla — JS Jobs component for Joomla | 7.2 | - | 2025-02-15 |
| CVE-2025-22209 | Extension - joomsky.com - SQL injection in JS jobs component version 1.1.5 - 1.4.3 for Joomla — JS Jobs component for Joomla | 7.2 | - | 2025-02-15 |
| CVE-2025-25206 | Incorrect input validation could allow an authenticated user to read sensitive information — elabftw | 8.3 | High | 2025-02-14 |
| CVE-2024-13152 | SQLi in BSS Software's Mobuy Online Machinery Monitoring Panel — Mobuy Online Machinery Monitoring Panel | 10.0 | Critical | 2025-02-14 |
| CVE-2025-0821 | Bit Assist <= 1.5.2 - Authenticated (Subscriber+) SQL Injection via id Parameter — Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist | 6.5 | Medium | 2025-02-14 |
| CVE-2025-1227 | ywoa AddressDao.xml selectList sql injection — ywoa | 6.3 | Medium | 2025-02-12 |
| CVE-2025-1224 | ywoa UserMapper.xml listNameBySql sql injection — ywoa | 6.3 | Medium | 2025-02-12 |
| CVE-2025-1216 | ywoa OaNoticeMapper.xml selectNoticeList sql injection — ywoa | 6.3 | Medium | 2025-02-12 |
| CVE-2025-1210 | code-projects Wazifa System control.php sql injection — Wazifa System | 6.3 | Medium | 2025-02-12 |
| CVE-2025-1206 | Codezips Gym Management System viewdetailroutine.php sql injection — Gym Management System | 6.3 | Medium | 2025-02-12 |
| CVE-2025-1202 | SourceCodester Best Church Management Software edit_slider.php sql injection — Best Church Management Software | 6.3 | Medium | 2025-02-12 |
| CVE-2025-1201 | SourceCodester Best Church Management Software profile_crud.php sql injection — Best Church Management Software | 6.3 | Medium | 2025-02-12 |
| CVE-2025-1200 | SourceCodester Best Church Management Software slider_crud.php sql injection — Best Church Management Software | 6.3 | Medium | 2025-02-12 |
| CVE-2025-26348 | Q-Free MAXTIME Suite SQL injection vulnerability — MaxTime | 5.5 | Medium | 2025-02-12 |
| CVE-2025-26346 | Q-Free MAXTIME Suite SQL injection vulnerability — MaxTime | 5.5 | Medium | 2025-02-12 |
| CVE-2025-1199 | SourceCodester Best Church Management Software role_crud.php sql injection — Best Church Management Software | 6.3 | Medium | 2025-02-12 |
| CVE-2025-1197 | code-projects Real Estate Property Management System load_user-profile.php sql injection — Real Estate Property Management System | 6.3 | Medium | 2025-02-12 |
| CVE-2024-13480 | LTL Freight Quotes – For Customers of FedEx Freight <= 3.4.1 - Unauthenticated SQL Injection — LTL Freight Quotes – For Customers of FedEx Freight | 7.5 | High | 2025-02-12 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8873 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.