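CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8845

8845 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.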

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13575 | code-projects Blog Site Category blog.php category_exists sql injection — Blog Site | 6.3 | Medium | 2025-11-24 |
| CVE-2025-13572 | projectworlds Advanced Library Management System delete_admin.php sql injection — Advanced Library Management System | 7.3 | High | 2025-11-23 |
| CVE-2025-13571 | code-projects Simple Food Ordering System listorder.php sql injection — Simple Food Ordering System | 6.3 | Medium | 2025-11-23 |
| CVE-2025-13570 | itsourcecode COVID Tracking System page sql injection — COVID Tracking System | 6.3 | Medium | 2025-11-23 |
| CVE-2025-13569 | itsourcecode COVID Tracking System page sql injection — COVID Tracking System | 6.3 | Medium | 2025-11-23 |
| CVE-2025-13568 | itsourcecode COVID Tracking System page sql injection — COVID Tracking System | 6.3 | Medium | 2025-11-23 |
| CVE-2025-13567 | itsourcecode COVID Tracking System page sql injection — COVID Tracking System | 6.3 | Medium | 2025-11-23 |
| CVE-2025-13561 | SourceCodester Company Website CMS index.php sql injection — Company Website CMS | 7.3 | High | 2025-11-23 |
| CVE-2025-13560 | SourceCodester Company Website CMS reset-password.php sql injection — Company Website CMS | 7.3 | High | 2025-11-23 |
| CVE-2025-13557 | Campcodes Online Polling System registeracc.php sql injection — Online Polling System | 7.3 | High | 2025-11-23 |
| CVE-2025-13556 | Campcodes Online Polling System checklogin.php sql injection — Online Polling System | 7.3 | High | 2025-11-23 |
| CVE-2025-13555 | Campcodes School File Management System Login index.php sql injection — School File Management System | 7.3 | High | 2025-11-23 |
| CVE-2025-13554 | Campcodes Supplier Management System Login index.php sql injection — Supplier Management System | 7.3 | High | 2025-11-23 |
| CVE-2025-13546 | ashraf-kabir travel-agency Search results.php sql injection — travel-agency | 6.3 | Medium | 2025-11-23 |
| CVE-2025-13545 | ashraf-kabir travel-agency index.php sql injection — travel-agency | 4.7 | Medium | 2025-11-23 |
| CVE-2025-66095 | WordPress KiviCare plugin <= 3.6.13 - SQL Injection vulnerability — KiviCare | 8.5 | High | 2025-11-21 |
| CVE-2025-12750 | Groundhogg <= 4.2.6.1 - Authenticated (Admin+) SQL Injection — Groundhogg — CRM, Newsletters, and Marketing Automation | 4.9 | Medium | 2025-11-21 |
| CVE-2025-13138 | WP Directory Kit <= 1.4.3 - Unauthenticated SQL Injection via select_2_ajax() Function — WP Directory Kit | 7.5 | High | 2025-11-21 |
| CVE-2025-13485 | itsourcecode Online File Management System ajax.php sql injection — Online File Management System | 7.3 | High | 2025-11-21 |
| CVE-2025-13451 | SourceCodester Online Shop Project action.php sql injection — Online Shop Project | 7.3 | High | 2025-11-20 |
| CVE-2025-13449 | code-projects Online Shop Project login.php sql injection — Online Shop Project | 7.3 | High | 2025-11-20 |
| CVE-2025-13424 | Campcodes Supplier Management System add_product.php sql injection — Supplier Management System | 4.7 | Medium | 2025-11-20 |
| CVE-2025-13422 | freeprojectscodes Sports Club Management System change_s_pwd.php sql injection — Sports Club Management System | 7.3 | High | 2025-11-19 |
| CVE-2025-13421 | itsourcecode Human Resource Management System NoticeStore.php sql injection — Human Resource Management System | 7.3 | High | 2025-11-19 |
| CVE-2025-13420 | itsourcecode Human Resource Management System EventStore.php sql injection — Human Resource Management System | 7.3 | High | 2025-11-19 |
| CVE-2025-13410 | Campcodes Retro Basketball Shoes Online Store receipt.php sql injection — Retro Basketball Shoes Online Store | 7.3 | High | 2025-11-19 |
| CVE-2025-65103 | OpenSTAManager has an authenticated SQL Injection vulnerability in API via 'display' parameter — openstamanager | 8.8 | High | 2025-11-19 |
| CVE-2025-12743 | SQL Injection in Looker Project Generation Endpoint Allows Access to Internal MySQL Database — Looker | 6.5 (AI) | Medium (AI) | 2025-11-19 |
| CVE-2025-65022 | i-Educar Authenticated Time-based SQL Injection in `agenda.php` — i-educar | 7.2 | High | 2025-11-19 |
| CVE-2025-65023 | i-Educar Authenticated Time-based SQL Injection in `funcionario_vinculo_cad.php` — i-educar | 7.2 | High | 2025-11-19 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8845 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.