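CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8845

8845 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.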

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-41013 | SQL injection vulnerability in TCMAN GIM — GIM | 9.8 (AI) | Critical (AI) | 2025-12-02 |
| CVE-2025-12465 | Blind SQL Injection in QuickCMS — QuickCMS | 7.2 (AI) | High (AI) | 2025-12-02 |
| CVE-2025-13090 | WP Directory Kit <= 1.4.6 - Authenticated (Admin+) SQL Injection — WP Directory Kit | 4.9 | Medium | 2025-12-02 |
| CVE-2025-13724 | VikRentCar Car Rental Management System <= 1.4.4 - Authenticated (Author+) SQL Injection via 'month' Parameter — VikRentCar Car Rental Management System | 7.5 | High | 2025-12-02 |
| CVE-2025-12483 | Visualizer: Tables and Charts Manager for WordPress <= 3.11.12 - Authenticated (Contributor+) SQL Injection — Visualizer: Tables and Charts Manager for WordPress | 6.5 | Medium | 2025-12-02 |
| CVE-2025-66313 | ChurchCRM vulnerable to a time-based blind SQL injection via the 1FieldSec parameter — CRM | 7.7 (AI) | High (AI) | 2025-12-01 |
| CVE-2025-66205 | Frappe has the possibility of SQL Injection due to improper validations — frappe | 7.1 | High | 2025-12-01 |
| CVE-2025-13811 | jsnjfz WebStack-Guns PageFactory.java sql injection — WebStack-Guns | 6.3 | Medium | 2025-12-01 |
| CVE-2025-13788 | Chanjet CRM upgradeattribute.php sql injection — CRM | 7.3 | High | 2025-11-30 |
| CVE-2025-13783 | taosir WTCMS CommentadminController CommentadminController.class.php delete sql injection — WTCMS | 6.3 | Medium | 2025-11-30 |
| CVE-2025-13782 | taosir WTCMS SlideController SlideController.class.php delete sql injection — WTCMS | 7.3 | High | 2025-11-30 |
| CVE-2025-13770 | Uniong\|WebITR - SQL Injection — WebITR | 6.5 | Medium | 2025-11-28 |
| CVE-2025-13769 | Uniong\|WebITR - SQL Injection — WebITR | 6.5 | Medium | 2025-11-28 |
| CVE-2025-13757 | Devolutions Server security vulnerability — Server | 8.1 | - | 2025-11-27 |
| CVE-2025-11461 | Frappe CRM 1.53.1 — Multiple SQL Injections in Dashboard Controller — Frappe CRM | 8.8 (AI) | High (AI) | 2025-11-26 |
| CVE-2025-62728 | Apache Hive: SQL injection vulnerability when processing delete column statistics requests via the HMS Thrift APIs — Apache Hive | 8.8 (AI) | High (AI) | 2025-11-26 |
| CVE-2025-66260 | PostgreSQL SQL Injection (status_sql.php) — Mozart FM Transmitter | 9.8 (AI) | Critical (AI) | 2025-11-26 |
| CVE-2025-59369 | ASUS Router security vulnerability — Router | 6.5 (AI) | Medium (AI) | 2025-11-25 |
| CVE-2025-13385 | Bookme <= 4.2 - Authenticated (Admin+) SQL Injection via 'filter[status]' Parameter — Bookme – Free Online Appointment Booking and Scheduling Plugin | 4.9 | Medium | 2025-11-25 |
| CVE-2025-13370 | ProjectList <= 0.3.0 - Authenticated (Editor+) SQL Injection via 'id' Parameter — ProjectList | 4.9 | Medium | 2025-11-25 |
| CVE-2025-10144 | Perfect Brands for WooCommerce <= 3.6.2 - Authenticated (Contributor+) SQL Injection — Perfect Brands for WooCommerce | 6.5 | Medium | 2025-11-24 |
| CVE-2025-13586 | SourceCodester Online Student Clearance System changepassword.php sql injection — Online Student Clearance System | 4.7 | Medium | 2025-11-24 |
| CVE-2025-13585 | itsourcecode COVID Tracking System login.php sql injection — COVID Tracking System | 7.3 | High | 2025-11-24 |
| CVE-2025-7402 | Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager <= 4.95 - Unauthenticated SQL Injection via site_id — Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager | 7.5 | High | 2025-11-24 |
| CVE-2025-13583 | code-projects Question Paper Generator POST Parameter signupscript.php sql injection — Question Paper Generator | 7.3 | High | 2025-11-24 |
| CVE-2025-13582 | code-projects Jonnys Liquor GET Parameter detail.php sql injection — Jonnys Liquor | 7.3 | High | 2025-11-24 |
| CVE-2025-13581 | itsourcecode Student Information System schedule_edit1.php sql injection — Student Information System | 6.3 | Medium | 2025-11-24 |
| CVE-2025-13580 | code-projects Library System mail.php sql injection — Library System | 6.3 | Medium | 2025-11-24 |
| CVE-2025-13579 | code-projects Library System return.php sql injection — Library System | 6.3 | Medium | 2025-11-24 |
| CVE-2025-13578 | code-projects Library System Login index.php sql injection — Library System | 7.3 | High | 2025-11-24 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8845 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.