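CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8845

8845 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.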

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-14222 | code-projects Employee Profile Management System print_personnel_report.php sql injection — Employee Profile Management System | 6.3 | Medium | 2025-12-08 |
| CVE-2025-14218 | code-projects Currency Exchange System editotheraccount.php sql injection — Currency Exchange System | 7.3 | High | 2025-12-08 |
| CVE-2025-14217 | code-projects Currency Exchange System edittrns.php sql injection — Currency Exchange System | 7.3 | High | 2025-12-08 |
| CVE-2025-14216 | code-projects Currency Exchange System viewserial.php sql injection — Currency Exchange System | 7.3 | High | 2025-12-08 |
| CVE-2025-14215 | code-projects Currency Exchange System edit.php sql injection — Currency Exchange System | 7.3 | High | 2025-12-08 |
| CVE-2025-14214 | itsourcecode Student Information System section_edit1.php sql injection — Student Information System | 6.3 | Medium | 2025-12-08 |
| CVE-2025-14212 | projectworlds Advanced Library Management System member_search.php sql injection — Advanced Library Management System | 7.3 | High | 2025-12-08 |
| CVE-2025-14211 | projectworlds Advanced Library Management System delete_book.php sql injection — Advanced Library Management System | 7.3 | High | 2025-12-08 |
| CVE-2025-14210 | projectworlds Advanced Library Management System delete_member.php sql injection — Advanced Library Management System | 7.3 | High | 2025-12-08 |
| CVE-2025-14209 | Campcodes School File Management System update_query.php sql injection — School File Management System | 7.3 | High | 2025-12-08 |
| CVE-2025-14207 | tushar-2223 Hotel-Management-System invoiceprint.php sql injection — Hotel-Management-System | 7.3 | High | 2025-12-08 |
| CVE-2025-14203 | code-projects Question Paper Generator selectquestionuser.php sql injection — Question Paper Generator | 6.3 | Medium | 2025-12-07 |
| CVE-2025-14193 | code-projects Employee Profile Management System view_personnel.php sql injection — Employee Profile Management System | 6.3 | Medium | 2025-12-07 |
| CVE-2025-14192 | RashminDungrani online-banking auth_login.php sql injection — online-banking | 7.3 | High | 2025-12-07 |
| CVE-2025-14190 | Chanjet TPlus sql injection — TPlus | 7.3 | High | 2025-12-07 |
| CVE-2025-14189 | Chanjet CRM jxf_dump_table_demo.php sql injection — CRM | 7.3 | High | 2025-12-07 |
| CVE-2025-14185 | Yonyou U8 Cloud AppServletService.class sql injection — U8 Cloud | 6.3 | Medium | 2025-12-07 |
| CVE-2025-13922 | Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI <= 3.40.1 - Authenticated (Contributor+) SQL Injection via ORDER BY Clause — Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI | 6.5 | Medium | 2025-12-06 |
| CVE-2025-14091 | TrippWasTaken PHP-Guitar-Shop Product Details product.php sql injection — PHP-Guitar-Shop | 7.3 | High | 2025-12-05 |
| CVE-2025-14090 | AMTT Hotel Broadband Operation System cardmake_down.php sql injection — Hotel Broadband Operation System | 4.7 | Medium | 2025-12-05 |
| CVE-2025-12850 | My auctions allegro <= 3.6.32 - Unauthenticated SQL Injection via auction_id — My auctions allegro | 7.5 | High | 2025-12-05 |
| CVE-2025-13373 | Advantech iView SQL Injection — iView | 7.5 | High | 2025-12-04 |
| CVE-2024-58276 | Obi08-Enrollment System 1.0 login.php SQL Injection — Obi08/Enrollment System | 9.1 (AI) | Critical (AI) | 2025-12-04 |
| CVE-2023-53734 | dawa-pharma-1.0 - SQL Injection via Email Parameter — dawa-pharma | 9.8 (AI) | Critical (AI) | 2025-12-04 |
| CVE-2025-14012 | JIZHICMS Batch Delete Comments deleteAll.html delete sql injection — JIZHICMS | 4.7 | Medium | 2025-12-04 |
| CVE-2025-14011 | JIZHICMS Add Display Name Field addcomment.html commentlist sql injection — JIZHICMS | 4.7 | Medium | 2025-12-04 |
| CVE-2025-62173 | Authenticated SQL Injection in Endpoint Module Rest API — restapps | 8.8 (AI) | High (AI) | 2025-12-03 |
| CVE-2025-13359 | Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI <= 3.40.1 - Authenticated (Contributor+) SQL Injection — Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI | 6.5 | Medium | 2025-12-03 |
| CVE-2025-13495 | FluentCart A New Era of eCommerce <= 1.3.1 - Authenticated (Administrator+) SQL Injection via 'groupKey' Parameter — FluentCart A New Era of eCommerce – Faster, Lighter, and Simpler | 4.9 | Medium | 2025-12-03 |
| CVE-2025-13372 | Potential SQL injection in FilteredRelation column aliases on PostgreSQL — Django | 9.8 (AI) | Critical (AI) | 2025-12-02 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8845 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.