CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8857

8857 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-50895	Aero CMS 0.0.1 - SQL Injection — Aero CMS	9.8	Critical	2026-01-13
CVE-2022-50805	Senayan Library Management System 9.0.0 - SQL Injection — Senayan Library Management System	8.2	High	2026-01-13
CVE-2026-20947	Microsoft SharePoint Server Remote Code Execution Vulnerability — Microsoft SharePoint Enterprise Server 2016	8.8	High	2026-01-13
CVE-2025-59922	Fortinet FortiClientEMS SQL注入漏洞 — FortiClientEMS	6.8	High	2026-01-13
CVE-2025-13774	SQL injection leading to privilege escalation in Progress Flowmon ADS — Flowmon ADS	8.8	High	2026-01-13
CVE-2026-0501	SQL Injection Vulnerability in SAP S/4HANA Private Cloud and On-Premise (Financials � General Ledger) — SAP S/4HANA Private Cloud and On-Premise (Financials � General Ledger)	9.9	Critical	2026-01-13
CVE-2025-41006	Multiple vulnerabilities in Imaster products Open configuration options — MEMS Events CRM	9.8^AI	Critical^AI	2026-01-12
CVE-2025-41005	Multiple vulnerabilities in Imaster products Open configuration options — MEMS Events CRM	9.8^AI	Critical^AI	2026-01-12
CVE-2025-41004	Multiple vulnerabilities in Imaster products Open configuration options — Patient Record Management System	9.8^AI	Critical^AI	2026-01-12
CVE-2026-0852	code-projects Online Music Site AdminUpdateUser.php sql injection — Online Music Site	7.3	High	2026-01-12
CVE-2026-0851	code-projects Online Music Site AdminAddUser.php sql injection — Online Music Site	7.3	High	2026-01-11
CVE-2026-0850	code-projects Intern Membership Management System delete_activity.php sql injection — Intern Membership Management System	4.7	Medium	2026-01-11
CVE-2026-0843	jiujiujia/victor123/wxw850227 jjjfood/jjjshop_food index sql injection — jjjfood	6.3	Medium	2026-01-11
CVE-2026-22687	WeKnora vulnerable to SQL Injection — WeKnora	5.6	Medium	2026-01-10
CVE-2025-65091	XWiki Full Calendar Macro vulnerable to SQL injection through Calendar.JSONService — macro-fullcalendar	10.0	Critical	2026-01-10
CVE-2026-22596	Ghost has SQL Injection in Members Activity Feed — Ghost	6.7	Medium	2026-01-10
CVE-2025-15496	guchengwuyue yshopmall jobs getPage sql injection — yshopmall	6.3	Medium	2026-01-09
CVE-2025-15494	RainyGao DocSys UserMapper.xml sql injection — DocSys	6.3	Medium	2026-01-09
CVE-2025-15493	RainyGao DocSys ReposAuthMapper.xml sql injection — DocSys	6.3	Medium	2026-01-09
CVE-2026-22196	GestSup < 3.2.60 SQL Injection in Ticket Creation — GestSup	8.1	-	2026-01-09
CVE-2026-22197	GestSup < 3.2.60 Multiple SQL Injections in Asset List — GestSup	8.1	-	2026-01-09
CVE-2026-22195	GestSup < 3.2.60 SQL Injection in Search Bar — GestSup	8.8	-	2026-01-09
CVE-2025-15492	RainyGao DocSys GroupMemberMapper.xml sql injection — DocSys	6.3	Medium	2026-01-09
CVE-2026-0803	PHPGurukul Online Course Registration System enroll.php sql injection — Online Course Registration System	6.3	Medium	2026-01-09
CVE-2026-0733	PHPGurukul Online Course Registration System manage-students.php sql injection — Online Course Registration System	6.3	Medium	2026-01-08
CVE-2026-0729	code-projects Intern Membership Management System add_activity.php sql injection — Intern Membership Management System	4.7	Medium	2026-01-08
CVE-2026-0728	code-projects Intern Membership Management System delete_admin.php sql injection — Intern Membership Management System	4.7	Medium	2026-01-08
CVE-2026-21892	Parsl Monitoring Visualization Vulnerable to SQL Injection — parsl	5.3	Medium	2026-01-08
CVE-2025-67928	WordPress Automotive Listings plugin <= 18.6 - SQL Injection vulnerability — Automotive Listings	9.3	Critical	2026-01-08
CVE-2025-67921	WordPress Lobo theme < 2.8.6 - SQL Injection vulnerability — Lobo	8.5	High	2026-01-08

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8857 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8857