CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8850

8850 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-52425 | QuMagie — QuMagie | 9.8 | - | 2025-11-07 |
| CVE-2025-12860 | DedeBIZ freelist_main.php sql injection — DedeBIZ | 4.7 | Medium | 2025-11-07 |
| CVE-2025-12859 | DedeBIZ templets_one_edit.php sql injection — DedeBIZ | 4.7 | Medium | 2025-11-07 |
| CVE-2025-12857 | code-projects Responsive Hotel Site roombook.php sql injection — Responsive Hotel Site | 4.7 | Medium | 2025-11-07 |
| CVE-2025-12856 | code-projects Responsive Hotel Site reservation.php sql injection — Responsive Hotel Site | 4.7 | Medium | 2025-11-07 |
| CVE-2025-12855 | code-projects Responsive Hotel Site newsletterdel.php sql injection — Responsive Hotel Site | 4.7 | Medium | 2025-11-07 |
| CVE-2025-10968 | SQLi in GG Soft's PaperWork — PaperWork | 8.8 | High | 2025-11-07 |
| CVE-2025-12853 | SourceCodester Best House Rental Management System admin_class.php delete_house sql injection — Best House Rental Management System | 4.7 | Medium | 2025-11-07 |
| CVE-2025-10870 | SQL injection in DIAL's CentrosNet — CentrosNet | 9.8 | - | 2025-11-07 |
| CVE-2022-50589 | SuiteCRM < 7.12.6 SQL Injection via 'export' Functionality — SuiteCRM | 9.8 | - | 2025-11-06 |
| CVE-2022-50595 | Advantech iView < v5.7.04 Build 6425 ztp_search_value Parameter SQL Injection RCE — iView | 9.8 | - | 2025-11-06 |
| CVE-2022-50591 | Advantech iView < v5.7.04 Build 6425 ztp_config_id Parameter SQL Injection Information Disclosure — iView | 9.1 | - | 2025-11-06 |
| CVE-2022-50593 | Advantech iView < v5.7.04 Build 6425 search_term Parameter SQL Injection RCE — iView | 9.8 | - | 2025-11-06 |
| CVE-2022-50592 | Advantech iView < v5.7.04 Build 6425 getInventoryReportData Parameter SQL Injection RCE — iView | 9.8 | - | 2025-11-06 |
| CVE-2022-50594 | Advantech iView < v5.7.04 Build 6425 data Parameter SQL Injection Information Disclosure — iView | 7.5 | - | 2025-11-06 |
| CVE-2025-34247 | Advantech WebAccess/VPN < 1.1.5 SQL Injection via NetworksController.addNetworkAction() — WebAccess/VPN | 6.5 | - | 2025-11-06 |
| CVE-2025-34246 | Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxPrevalidationController.ajaxAction() — WebAccess/VPN | 6.5 | - | 2025-11-06 |
| CVE-2025-34245 | Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxStandaloneVpnClientsController.ajaxAction() — WebAccess/VPN | 6.5 | - | 2025-11-06 |
| CVE-2025-34244 | Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxFwRulesController.ajaxDeviceFwRulesAction() — WebAccess/VPN | 6.5 | - | 2025-11-06 |
| CVE-2025-34243 | Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxFwRulesController.ajaxNetworkFwRulesAction() — WebAccess/VPN | 6.5 | - | 2025-11-06 |
| CVE-2025-34242 | Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxNetworkController.ajaxAction() — WebAccess/VPN | 6.5 | - | 2025-11-06 |
| CVE-2025-34241 | Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxDeviceController.ajaxDeviceAction() — WebAccess/VPN | 6.5 | - | 2025-11-06 |
| CVE-2025-34240 | Advantech WebAccess/VPN < 1.1.5 SQL Injection via AppManagementController.appUpgradeAction() — WebAccess/VPN | 6.5 | - | 2025-11-06 |
| CVE-2025-60239 | WordPress CoSchool LMS plugin <= 1.4.3 - SQL Injection vulnerability — CoSchool LMS | 8.5 | High | 2025-11-06 |
| CVE-2025-52773 | WordPress HieCOR Payment Gateway plugin plugin <= 1.5.11 - SQL Injection vulnerability — HieCOR Payment Gateway Plugin | 9.3 | Critical | 2025-11-06 |
| CVE-2025-48089 | WordPress Education WordPress Theme \| HiStudy theme < 3.1.0 - SQL Injection vulnerability — Education WordPress Theme \| HiStudy | 9.3 | Critical | 2025-11-06 |
| CVE-2025-28953 | WordPress smart SEO plugin <= 4.0 - SQL Injection Vulnerability — smart SEO | 8.5 | High | 2025-11-06 |
| CVE-2025-10683 | Easy Email Subscription <= 1.3 - Authenticated (Admin+) SQL Injection via uid — Easy Email Subscription | 4.9 | Medium | 2025-11-06 |
| CVE-2025-64114 | ClipBucket v5: SQL Injection possible through ClipBucket Custom Fields plugin — clipbucket-v5 | 6.5 | Medium | 2025-11-05 |
| CVE-2025-64459 | Potential SQL injection via _connector keyword argument in QuerySet and Q objects — Django | 9.8 | - | 2025-11-05 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) account for 8850 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.