CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8850

8850 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13242 | code-projects Student Information System register.php sql injection — Student Information System | 7.3 | High | 2025-11-16 |
| CVE-2025-13241 | code-projects Student Information System index.php sql injection — Student Information System | 7.3 | High | 2025-11-16 |
| CVE-2025-13240 | code-projects Student Information System searchquery.php sql injection — Student Information System | 7.3 | High | 2025-11-16 |
| CVE-2025-13237 | itsourcecode Inventory Management System LogSignModal.PHP sql injection — Inventory Management System | 7.3 | High | 2025-11-16 |
| CVE-2025-12482 | Booking for Appointments and Events Calendar – Amelia <= 1.2.35 - Unauthenticated SQL Injection via search — Booking for Appointments and Events Calendar – Amelia | 7.5 | High | 2025-11-16 |
| CVE-2025-13236 | itsourcecode Inventory Management System index.php sql injection — Inventory Management System | 6.3 | Medium | 2025-11-16 |
| CVE-2025-13235 | itsourcecode Inventory Management System login.php sql injection — Inventory Management System | 7.3 | High | 2025-11-16 |
| CVE-2025-13234 | itsourcecode Inventory Management System index.php sql injection — Inventory Management System | 6.3 | Medium | 2025-11-16 |
| CVE-2025-13233 | itsourcecode Inventory Management System index.php sql injection — Inventory Management System | 7.3 | High | 2025-11-16 |
| CVE-2025-13210 | itsourcecode Inventory Management System index.php sql injection — Inventory Management System | 4.7 | Medium | 2025-11-15 |
| CVE-2025-13208 | FantasticLBP Hotels Server hotelList.php sql injection — Hotels Server | 6.3 | Medium | 2025-11-15 |
| CVE-2025-13203 | code-projects Simple Cafe Ordering System addmem.php sql injection — Simple Cafe Ordering System | 7.3 | High | 2025-11-15 |
| CVE-2025-13201 | code-projects Simple Cafe Ordering System login.php sql injection — Simple Cafe Ordering System | 7.3 | High | 2025-11-15 |
| CVE-2025-8994 | WP Project Manager <= 2.6.26 - Authenticated (Subscriber+) SQL Injection via 'completed_at_operator' — Project Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker | 6.5 | Medium | 2025-11-15 |
| CVE-2025-13172 | CodeAstro Gym Management System view-member-report.php sql injection — Gym Management System | 6.3 | Medium | 2025-11-14 |
| CVE-2025-13171 | ZZCMS wangkan_list.php sql injection — ZZCMS | 6.3 | Medium | 2025-11-14 |
| CVE-2025-13170 | code-projects Simple Online Hotel Reservation System edit_account.php sql injection — Simple Online Hotel Reservation System | 7.3 | High | 2025-11-14 |
| CVE-2025-13169 | code-projects Simple Online Hotel Reservation System add_query_reserve.php sql injection — Simple Online Hotel Reservation System | 7.3 | High | 2025-11-14 |
| CVE-2025-13168 | ury-erp ury pos_extend.py overrided_past_order_list sql injection — ury | 6.3 | Medium | 2025-11-14 |
| CVE-2025-11981 | School Management System – WPSchoolPress <= 2.2.23 - Authenticated (Administrator+) SQL Injection — School Management System – WPSchoolPress | 4.9 | Medium | 2025-11-14 |
| CVE-2022-4984 | ZenTao Biz < 6.5, Max < 3.0, & Open Source Edition 16.5/16.5beta1 SQL Injection via user-login.html — ZenTao Biz | 7.5 | - | 2025-11-13 |
| CVE-2025-13123 | AMTT Hotel Broadband Operation System get_firstdate.php sql injection — Hotel Broadband Operation System | 6.3 | Medium | 2025-11-13 |
| CVE-2025-13122 | SourceCodester Patients Waiting Area Queue Management System api_patient_checkin.php getPatientAppointment sql injection — Patients Waiting Area Queue Management System | 7.3 | High | 2025-11-13 |
| CVE-2025-13121 | cameasy Liketea API Endpoint StoreController.php list sql injection — Liketea | 7.3 | High | 2025-11-13 |
| CVE-2025-12620 | Poll Maker – Versus Polls, Anonymous Polls, Image Polls <= 6.0.7 - Authenticated (Administrator+) SQL Injection via `filterbyauthor` Parameter — Poll Maker – Versus Polls, Anonymous Polls, Image Polls | 4.9 | Medium | 2025-11-13 |
| CVE-2025-13076 | code-projects Responsive Hotel Site usersetting.php sql injection — Responsive Hotel Site | 4.7 | Medium | 2025-11-12 |
| CVE-2025-13075 | code-projects Responsive Hotel Site usersettingdel.php sql injection — Responsive Hotel Site | 4.7 | Medium | 2025-11-12 |
| CVE-2025-13060 | SourceCodester Survey Application System view_survey.php sql injection — Survey Application System | 7.3 | High | 2025-11-12 |
| CVE-2025-13059 | SourceCodester Alumni Management System manage_career.php sql injection — Alumni Management System | 6.3 | Medium | 2025-11-12 |
| CVE-2025-13057 | Campcodes School Fees Payment Management System ajax.php sql injection — School Fees Payment Management System | 6.3 | Medium | 2025-11-12 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8850 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.