Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8851

8851 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-12257 SourceCodester Online Student Result System view_result.php sql injection — Online Student Result System 7.3 High2025-10-27
CVE-2025-12256 code-projects Online Event Judging System edit_contestant.php sql injection — Online Event Judging System 6.3 Medium2025-10-27
CVE-2025-12255 code-projects Online Event Judging System add_contestant.php sql injection — Online Event Judging System 6.3 Medium2025-10-27
CVE-2025-12254 code-projects Online Event Judging System add_judge.php sql injection — Online Event Judging System 6.3 Medium2025-10-27
CVE-2025-12253 AMTT Hotel Broadband Operation System get_expiredtime.php sql injection — Hotel Broadband Operation System 7.3 High2025-10-27
CVE-2025-12252 code-projects Online Event Judging System action.php sql injection — Online Event Judging System 6.3 Medium2025-10-27
CVE-2025-12248 CLTPHP search.html sql injection — CLTPHP 7.3 High2025-10-27
CVE-2025-12243 code-projects Client Details System GET Parameter welcome.php sql injection — Client Details System 6.3 Medium2025-10-27
CVE-2025-12242 CodeAstro Gym Management System check-attendance.php sql injection — Gym Management System 6.3 Medium2025-10-27
CVE-2025-12238 code-projects Automated Voting System user.php sql injection — Automated Voting System 6.3 Medium2025-10-27
CVE-2025-12237 projectworlds Advanced Library Management System index.php sql injection — Advanced Library Management System 7.3 High2025-10-27
CVE-2025-12226 SourceCodester Best House Rental Management System admin_class.php save_house sql injection — Best House Rental Management System 4.7 Medium2025-10-27
CVE-2025-12215 projectworlds Online Shopping System login_submit.php sql injection — Online Shopping System 7.3 High2025-10-27
CVE-2025-12208 SourceCodester Best House Rental Management System admin_class.php login2 sql injection — Best House Rental Management System 7.3 High2025-10-27
CVE-2025-8709 SQL Injection in langchain-ai/langchain — langchain-ai/langchain 9.8 -2025-10-26
CVE-2025-4203 wpForo Forum <= 2.4.8 - Unauthenticated SQL Injection via get_members Function — wpForo Forum 7.5 High2025-10-25
CVE-2025-8416 Product Filter by WBW <= 2.9.7 - Unauthenticated SQL Injection — Product Filter for WooCommerce by WBW 7.5 High2025-10-25
CVE-2025-9322 Stripe Payment Forms <= 8.3.1 - Unauthenticated SQL Injection — Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions 7.5 High2025-10-25
CVE-2025-11893 Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More <= 1.8.8.4 - Authenticated (Subscriber+) SQL Injection — Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More 6.5 Medium2025-10-25
CVE-2025-8536 SQL Injection in DobryCMS — DobryCMS 9.8 -2025-10-24
CVE-2025-11253 SQLi in Aksis Technologies' Netty ERP — Netty ERP 9.8 Critical2025-10-24
CVE-2025-10748 RapidResult <= 1.2 - Authenticated (Contributor+) SQL Injection — RapidResult 6.5 Medium2025-10-24
CVE-2025-10740 URL Shortener Plugin For WordPress <= 3.0.7 - Missing Authorization to Authenticated (Subscriber+) Link Manipulation — URL Shortener Plugin For WordPress 6.3 Medium2025-10-24
CVE-2025-62617 Admidio Vulnerable to Authenticated SQL Injection in Member Assignment Functionality — admidio 7.2 High2025-10-22
CVE-2025-62606 my little forum vulnerable to SQL Injection in Bookmark Reordering via bookmarks parameter — mylittleforum 8.8 High2025-10-22
CVE-2025-62015 WordPress Advanced Coupons for WooCommerce Coupons plugin <= 4.6.8 - SQL Injection vulnerability — Advanced Coupons for WooCommerce Coupons 7.6 High2025-10-22
CVE-2025-59557 WordPress Learts Addons Plugin < 1.7.5 - SQL Injection Vulnerability — Learts Addons 9.3 Critical2025-10-22
CVE-2025-49931 WordPress JetSearch plugin <= 3.5.10 - SQL Injection vulnerability — JetSearch 9.3 Critical2025-10-22
CVE-2025-49915 WordPress SMS Alert Order Notifications plugin <= 3.8.5 - SQL Injection vulnerability — SMS Alert Order Notifications 9.3 Critical2025-10-22
CVE-2025-49378 WordPress Hydra Booking plugin <= 1.1.10 - SQL Injection vulnerability — Hydra Booking 8.5 High2025-10-22

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8851 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.