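CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8844

8844 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.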

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-14990 | Campcodes Complete Online Beauty Parlor Management System view-appointment.php sql injection — Complete Online Beauty Parlor Management System | 7.3 | High | 2025-12-21 |
| CVE-2025-14989 | Campcodes Complete Online Beauty Parlor Management System search-invoices.php sql injection — Complete Online Beauty Parlor Management System | 7.3 | High | 2025-12-20 |
| CVE-2025-14968 | code-projects Simple Stock System update.php sql injection — Simple Stock System | 7.3 | High | 2025-12-19 |
| CVE-2025-14967 | itsourcecode Student Management System candidates_report.php sql injection — Student Management System | 7.3 | High | 2025-12-19 |
| CVE-2025-14966 | FastAdmin Backend Controller Backend.php selectpage sql injection — FastAdmin | 4.7 | Medium | 2025-12-19 |
| CVE-2025-14961 | code-projects Simple Blood Donor Management System editedcampaign.php sql injection — Simple Blood Donor Management System | 7.3 | High | 2025-12-19 |
| CVE-2025-14960 | code-projects Simple Blood Donor Management System editeddonor.php sql injection — Simple Blood Donor Management System | 7.3 | High | 2025-12-19 |
| CVE-2025-14959 | code-projects Simple Stock System signup.php sql injection — Simple Stock System | 7.3 | High | 2025-12-19 |
| CVE-2025-14952 | Campcodes Supplier Management System add_category.php sql injection — Supplier Management System | 7.3 | High | 2025-12-19 |
| CVE-2025-14951 | code-projects Scholars Tracking System home.php sql injection — Scholars Tracking System | 7.3 | High | 2025-12-19 |
| CVE-2025-14950 | code-projects Scholars Tracking System delete_post.php sql injection — Scholars Tracking System | 7.3 | High | 2025-12-19 |
| CVE-2025-14940 | code-projects Scholars Tracking System delete_user.php sql injection — Scholars Tracking System | 7.3 | High | 2025-12-19 |
| CVE-2025-14939 | code-projects Online Appointment Booking System deletemanager.php sql injection — Online Appointment Booking System | 4.7 | Medium | 2025-12-19 |
| CVE-2025-14900 | CodeAstro Real Estate Management System Administrator Endpoint userdelete.php sql injection — Real Estate Management System | 4.7 | Medium | 2025-12-19 |
| CVE-2025-14899 | CodeAstro Real Estate Management System Administrator Endpoint stateadd.php sql injection — Real Estate Management System | 4.7 | Medium | 2025-12-19 |
| CVE-2025-14898 | CodeAstro Real Estate Management System Administrator Endpoint userbuilderdelete.php sql injection — Real Estate Management System | 4.7 | Medium | 2025-12-18 |
| CVE-2025-14897 | CodeAstro Real Estate Management System Administrator Endpoint useragentdelete.php sql injection — Real Estate Management System | 4.7 | Medium | 2025-12-18 |
| CVE-2025-46268 | Advantech WebAccess/SCADA SQL Injection — WebAccess/SCADA | 6.3 | Medium | 2025-12-18 |
| CVE-2023-53935 | WBiz Desk 1.2 SQL Injection Vulnerability via ticket.php Parameter — WBiz Desk | 5.4 | Medium | 2025-12-18 |
| CVE-2021-47711 | Kentico Xperience <= 13.0.52 Online Marketing Macros SQL Injection — Xperience | 8.8 | High | 2025-12-18 |
| CVE-2025-14877 | Campcodes Supplier Management System add_retailer.php sql injection — Supplier Management System | 7.3 | High | 2025-12-18 |
| CVE-2025-64371 | WordPress Traveler theme < 3.2.6 - SQL Injection vulnerability — Traveler | 8.5 | High | 2025-12-18 |
| CVE-2025-60062 | WordPress tPlayer plugin <= 1.2.1.6 - SQL Injection vulnerability — tPlayer | 9.3 | Critical | 2025-12-18 |
| CVE-2025-58951 | WordPress Advance Seat Reservation Management for WooCommerce plugin <= 3.1 - SQL Injection vulnerability — Advance Seat Reservation Management for WooCommerce | 9.3 | Critical | 2025-12-18 |
| CVE-2025-14314 | WordPress PopupKit plugin <= 2.1.5 - SQL Injection vulnerability — PopupKit | 8.5 | High | 2025-12-18 |
| CVE-2025-14834 | code-projects Simple Stock System checkuser.php sql injection — Simple Stock System | 6.3 | Medium | 2025-12-17 |
| CVE-2023-53917 | Affiliate Me 5.0.1 SQL Injection Vulnerability via Admin Panel — Affiliate Me | 6.5 | Medium | 2025-12-17 |
| CVE-2023-53926 | PHPJabbers Simple CMS 5.0 SQL Injection via Column Parameter — Simple CMS | 9.8 | Critical | 2025-12-17 |
| CVE-2025-14833 | code-projects Online Appointment Booking System deletemanagerclinic.php sql injection — Online Appointment Booking System | 7.3 | High | 2025-12-17 |
| CVE-2025-14832 | itsourcecode Online Cake Ordering System updateproduct.php sql injection — Online Cake Ordering System | 7.3 | High | 2025-12-17 |

8844 CVEs are classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.