Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8845

8845 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-14652 itsourcecode Online Cake Ordering System admindetail.php sql injection — Online Cake Ordering System 7.3 High2025-12-14
CVE-2025-14650 itsourcecode Online Cake Ordering System product.php sql injection — Online Cake Ordering System 7.3 High2025-12-14
CVE-2025-14649 itsourcecode Online Cake Ordering System supplier.php sql injection — Online Cake Ordering System 7.3 High2025-12-14
CVE-2025-14647 code-projects Computer Book Store admin_delete.php sql injection — Computer Book Store 7.3 High2025-12-14
CVE-2025-14646 code-projects Student File Management System delete_student.php sql injection — Student File Management System 7.3 High2025-12-14
CVE-2025-14645 code-projects Student File Management System delete_user.php sql injection — Student File Management System 7.3 High2025-12-14
CVE-2025-13126 wpForo Forum <= 2.4.12 - Unauthenticated SQL Injection — wpForo Forum 7.5 High2025-12-14
CVE-2025-14644 itsourcecode Student Management System update_subject.php sql injection — Student Management System 7.3 High2025-12-14
CVE-2025-14643 code-projects Simple Attendance Record System check.php sql injection — Simple Attendance Record System 7.3 High2025-12-14
CVE-2025-14640 code-projects Student File Management System save_student.php sql injection — Student File Management System 7.3 High2025-12-14
CVE-2025-14639 itsourcecode Student Management System uprec.php sql injection — Student Management System 7.3 High2025-12-14
CVE-2025-14638 itsourcecode Online Pet Shop Management System update_cnp.php sql injection — Online Pet Shop Management System 7.3 High2025-12-14
CVE-2025-14637 itsourcecode Online Pet Shop Management System addcnp.php sql injection — Online Pet Shop Management System 7.3 High2025-12-13
CVE-2025-14623 code-projects Student File Management System update_student.php sql injection — Student File Management System 7.3 High2025-12-13
CVE-2025-14622 code-projects Student File Management System save_user.php sql injection — Student File Management System 7.3 High2025-12-13
CVE-2025-14621 code-projects Student File Management System update_user.php sql injection — Student File Management System 7.3 High2025-12-13
CVE-2025-14620 code-projects Student File Management System login_query.php sql injection — Student File Management System 7.3 High2025-12-13
CVE-2025-14619 code-projects Student File Management System login_query.php sql injection — Student File Management System 7.3 High2025-12-13
CVE-2025-14590 code-projects Prison Management System search1.php sql injection — Prison Management System 7.3 High2025-12-13
CVE-2025-14589 code-projects Prison Management System search.php sql injection — Prison Management System 6.3 Medium2025-12-13
CVE-2025-14588 itsourcecode Student Management System update_program.php sql injection — Student Management System 7.3 High2025-12-13
CVE-2025-14587 itsourcecode Online Pet Shop Management System available.php sql injection — Online Pet Shop Management System 7.3 High2025-12-13
CVE-2025-10289 Filter & Grids <= 3.2.0 - Unauthenticated SQL Injection — YMC Filter 5.9 Medium2025-12-13
CVE-2025-10738 URL Shortener Plugin For WordPress <= 3.0.7 - Unauthenticated SQL Injection — URL Shortener Plugin For WordPress 9.8 Critical2025-12-13
CVE-2025-13077 افزونه پیامک ووکامرس فوق حرفه ای (جدید) payamito sms woocommerce <= 1.3.5 - Unauthenticated Time-Based Blind SQL Injection — افزونه پیامک ووکامرس فوق حرفه ای (جدید) payamito sms woocommerce 7.5 High2025-12-13
CVE-2025-14050 Design Import/Export <= 2.2 - Authenticated (Administrator+) SQL Injection via XML File Import — Design Import/Export – Styles, Templates, Template Parts and Patterns 4.9 Medium2025-12-13
CVE-2025-13089 WP Directory Kit <= 1.4.7 - Unauthenticated SQL Injection — WP Directory Kit 7.5 High2025-12-13
CVE-2025-14477 404 Solution <= 3.1.0 - Authenticated (Admin+) SQL Injection via 'filterText' Parameter — 404 Solution 4.9 Medium2025-12-13
CVE-2025-14585 itsourcecode COVID Tracking System page sql injection — COVID Tracking System 7.3 High2025-12-12
CVE-2025-14584 itsourcecode COVID Tracking System Admin Login login.php sql injection — COVID Tracking System 7.3 High2025-12-12

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8845 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.