CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8873

8873 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-0489 | Fanli2012 native-php-cms friendlink_dodel.php sql injection — native-php-cms | 6.3 | Medium | 2025-01-15 |
| CVE-2025-0488 | Fanli2012 native-php-cms product_list.php sql injection — native-php-cms | 6.3 | Medium | 2025-01-15 |
| CVE-2025-0487 | Fanli2012 native-php-cms cat_edit.php sql injection — native-php-cms | 6.3 | Medium | 2025-01-15 |
| CVE-2025-0486 | Fanli2012 native-php-cms login.php sql injection — native-php-cms | 7.3 | High | 2025-01-15 |
| CVE-2025-22785 | WordPress Course Booking System plugin <= 6.0.6 - SQL Injection vulnerability — Course Booking System | 9.3 | Critical | 2025-01-15 |
| CVE-2025-22799 | WordPress Neon Product Designer Plugin <= 2.2.0 - SQL Injection vulnerability — Neon Product Designer | 8.5 | High | 2025-01-15 |
| CVE-2024-13162 | Ivanti EPM SQL injection vulnerability — Endpoint Manager | 7.2 | High | 2025-01-14 |
| CVE-2025-0462 | Shanghai Lingdang Information Technology Lingdang CRM index.php sql injection — Lingdang CRM | 6.3 | Medium | 2025-01-14 |
| CVE-2023-37931 | Fortinet FortiVoice Entreprise SQL injection vulnerability — FortiVoice | 8.6 | High | 2025-01-14 |
| CVE-2024-35278 | Fortinet FortiPortal SQL injection vulnerability — FortiPortal | 4.1 | Medium | 2025-01-14 |
| CVE-2024-52969 | Fortinet FortiSIEM SQL injection vulnerability — FortiSIEM | 3.7 | Medium | 2025-01-14 |
| CVE-2024-35275 | Fortinet FortiManager and Fortinet FortiAnalyzer SQL injection vulnerability — FortiManager | 6.5 | Medium | 2025-01-14 |
| CVE-2024-55593 | Fortinet FortiWeb SQL injection vulnerability — FortiWeb | 2.6 | Low | 2025-01-14 |
| CVE-2025-20620 | STEALTHONE multiple products SQL injection vulnerability — STEALTHONE D220 | 7.5 | High | 2025-01-14 |
| CVE-2025-0063 | SQL Injection vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform — SAP NetWeaver AS ABAP and ABAP Platform | 8.8 | High | 2025-01-14 |
| CVE-2025-0410 | liujianview gymxmjpa MenberConntroller.java MenberDaoInpl sql injection — gymxmjpa | 6.3 | Medium | 2025-01-13 |
| CVE-2025-0409 | liujianview gymxmjpa MembertypeController.java MembertypeDaoImpl sql injection — gymxmjpa | 6.3 | Medium | 2025-01-13 |
| CVE-2025-0408 | liujianview gymxmjpa LoosController.java LoosDaoImpl sql injection — gymxmjpa | 6.3 | Medium | 2025-01-13 |
| CVE-2025-0407 | liujianview gymxmjpa EquipmentController.java EquipmentDaoImpl sql injection — gymxmjpa | 6.3 | Medium | 2025-01-13 |
| CVE-2025-0406 | liujianview gymxmjpa SubjectController.java SubjectDaoImpl sql injection — gymxmjpa | 6.3 | Medium | 2025-01-13 |
| CVE-2025-0405 | liujianview gymxmjpa GoodsController.java GoodsDaoImpl sql injection — gymxmjpa | 6.3 | Medium | 2025-01-13 |
| CVE-2025-0404 | liujianview gymxmjpa CoachController.java CoachController sql injection — gymxmjpa | 6.3 | Medium | 2025-01-13 |
| CVE-2025-0392 | Guangzhou Huayi Intelligent Technology Jeewms graphReportController.do datagridGraph sql injection — Jeewms | 6.3 | Medium | 2025-01-11 |
| CVE-2025-0391 | Guangzhou Huayi Intelligent Technology Jeewms CgFormBuildController.java saveOrUpdate sql injection — Jeewms | 6.3 | Medium | 2025-01-11 |
| CVE-2025-0103 | Expedition: SQL Injection Vulnerability — Cloud NGFW | 8.1 | - | 2025-01-11 |
| CVE-2024-12404 | CF Internal Link Shortcode <= 1.1.0 - Unauthenticated SQL Injection — CF Internal Link Shortcode | 7.5 | High | 2025-01-11 |
| CVE-2024-9134 | Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges. — Arista Edge Threat Management | 8.3 | High | 2025-01-10 |
| CVE-2024-12473 | AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) <= 2.5 - Authenticated (Contributor+) SQL Injection — Opace AI Scribe: SEO Content Creator & Humaizer for OpenAI & Anthropic | 6.5 | Medium | 2025-01-10 |
| CVE-2025-21628 | Chatwoot has a Blind SQL-injection in Conversation and Contacts filters — chatwoot | 9.1 | Critical | 2025-01-09 |
| CVE-2025-22505 | WordPress NC Wishlist for Woocommerce Plugin <= 1.0.1 - SQL Injection vulnerability — NC Wishlist for Woocommerce | 8.5 | High | 2025-01-09 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8873 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.