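CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8845

8845 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.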

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-14832 | itsourcecode Online Cake Ordering System updateproduct.php sql injection — Online Cake Ordering System | 7.3 | High | 2025-12-17 |
| CVE-2025-68400 | ChurchCRM vulnerable to time-based blind SQL Injection in ConfirmReportEmail.php — CRM | 8.8 (AI) | High (AI) | 2025-12-17 |
| CVE-2025-68112 | ChurchCRM has SQL injection in EditEventAttendees.php — CRM | 9.6 | Critical | 2025-12-17 |
| CVE-2025-68111 | ChurchCRM has SQL Injection in eGive Import Feature — CRM | 7.2 | High | 2025-12-17 |
| CVE-2025-67877 | ChurchCRM SQL Injection Vulnerability — CRM | 8.8 (AI) | High (AI) | 2025-12-17 |
| CVE-2025-66396 | ChurchCRM has SQL Injection in User Editor via `type` Parameter Key — CRM | 7.2 | High | 2025-12-17 |
| CVE-2025-66395 | SQL Injection in Event List via `WhichType` Parameter — CRM | 8.8 | High | 2025-12-17 |
| CVE-2025-14780 | Xiongwei Smart Catering Cloud Platform dish_trade_detail_get sql injection — Smart Catering Cloud Platform | 6.3 | Medium | 2025-12-16 |
| CVE-2025-68056 | WordPress LBG Zoominoutslider plugin <= 5.4.4 - SQL Injection vulnerability — LBG Zoominoutslider | 8.5 | High | 2025-12-16 |
| CVE-2025-68053 | WordPress xPromoter plugin <= 1.3.4 - SQL Injection vulnerability — xPromoter | 8.5 | High | 2025-12-16 |
| CVE-2025-68055 | WordPress Hydra Booking plugin <= 1.1.32 - SQL Injection vulnerability — Hydra Booking | 8.5 | High | 2025-12-16 |
| CVE-2025-68054 | WordPress CountDown With Image or Video Background plugin <= 1.5 - SQL Injection vulnerability — CountDown With Image or Video Background | 8.5 | High | 2025-12-16 |
| CVE-2025-67999 | WordPress Newsletter plugin <= 9.0.9 - SQL Injection vulnerability — Newsletter | 7.6 | High | 2025-12-16 |
| CVE-2025-67962 | WordPress Broken Link Checker plugin <= 1.2.6 - SQL Injection vulnerability — Broken Link Checker | 7.6 | High | 2025-12-16 |
| CVE-2025-67950 | WordPress All In One SEO Pack plugin <= 4.9.1 - SQL Injection vulnerability — All In One SEO Pack | 8.5 | High | 2025-12-16 |
| CVE-2025-62849 | QTS, QuTS hero — QTS | 9.8 (AI) | Critical (AI) | 2025-12-16 |
| CVE-2025-67751 | ChurchCRM has SQL Injection in Event Editor via `EN_tyid` Parameter caused by an Incomplete Fix — CRM | 7.2 | High | 2025-12-16 |
| CVE-2025-67736 | Authenticated SQL Injection in FreePBX tts (Text To Speech) module — tts | 7.2 (AI) | High (AI) | 2025-12-16 |
| CVE-2023-53877 | Bus Reservation System 1.1 Multiple SQL Injection via pickup_id Parameter — Bus Reservation System | 9.1 (AI) | Critical (AI) | 2025-12-15 |
| CVE-2025-34179 | NetSupport Manager < 14.12.0001 Unauthenticated SQLi Local File Disclosure — Manager | 9.1 (AI) | Critical (AI) | 2025-12-15 |
| CVE-2025-14383 | Booking Calendar <= 10.14.8 - Unauthenticated SQL Injection via dates_to_check — Booking Calendar | 7.5 | High | 2025-12-15 |
| CVE-2025-14711 | FantasticLBP Hotels Server hotelList.php sql injection — Hotels Server | 7.3 | High | 2025-12-15 |
| CVE-2025-14710 | FantasticLBP Hotels Server OrderList.php sql injection — Hotels Server | 7.3 | High | 2025-12-15 |
| CVE-2025-14694 | ketr JEPaaS readAllPostil sql injection — JEPaaS | 4.7 | Medium | 2025-12-15 |
| CVE-2025-14668 | campcodes Advanced Online Examination System loginExe.php sql injection — Advanced Online Examination System | 7.3 | High | 2025-12-14 |
| CVE-2025-14667 | itsourcecode COVID Tracking System page sql injection — COVID Tracking System | 7.3 | High | 2025-12-14 |
| CVE-2025-14666 | itsourcecode COVID Tracking System page sql injection — COVID Tracking System | 7.3 | High | 2025-12-14 |
| CVE-2025-14664 | Campcodes Supplier Management System view_unit.php sql injection — Supplier Management System | 7.3 | High | 2025-12-14 |
| CVE-2025-14661 | itsourcecode Student Managemen System advisers.php sql injection — Student Managemen System | 7.3 | High | 2025-12-14 |
| CVE-2025-14653 | itsourcecode Student Management System addrecord.php sql injection — Student Management System | 7.3 | High | 2025-12-14 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8845 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.