CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8851

8851 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-48091 | WordPress AnyComment plugin <= 0.3.6 - SQL Injection vulnerability — AnyComment | 8.5 | High | 2025-10-22 |
| CVE-2025-57870 | BUG-000179884 - There is a security vulnerability in ArcGIS Server Feature Services. — ArcGIS Server | 10.0 | Critical | 2025-10-22 |
| CVE-2025-10047 | Email Tracker <= 5.3.15 - Authenticated (Admin+) SQL Injection — Email Tracker | 4.9 | Medium | 2025-10-22 |
| CVE-2025-9339 | SQL Injection in SIMPLE.ERP — SIMPLE.ERP | 7.1 (AI) | High (AI) | 2025-10-21 |
| CVE-2025-9428 | SQL Injection — Analytics Plus | 8.3 | High | 2025-10-21 |
| CVE-2025-26392 | SolarWinds Observability Self-Hosted SQL Injection Vulnerability — Observability Self-Hosted | 5.4 | Medium | 2025-10-21 |
| CVE-2025-62658 | SQL injection in WatchAnalytics through Special:ClearPendingReviews — MediaWiki WatchAnalytics extension | 9.8 (AI) | Critical (AI) | 2025-10-20 |
| CVE-2025-47902 | SQL Injection in web resource — Time Provider 4100 | 9.8 (AI) | Critical (AI) | 2025-10-20 |
| CVE-2025-41028 | SQL injection in Epsilon RH — Epsilon RH | 9.8 (AI) | Critical (AI) | 2025-10-20 |
| CVE-2025-11944 | givanz Vvveb Raw SQL import.php import sql injection — Vvveb | 4.7 | Medium | 2025-10-19 |
| CVE-2025-11691 | PPOM – Product Addons & Custom Fields for WooCommerce <= 33.0.15 - Unauthenticated SQL Injection — PPOM – Product Addons & Custom Fields for WooCommerce | 7.5 | High | 2025-10-18 |
| CVE-2025-10187 | GSpeech TTS – WordPress Text To Speech Plugin <= 3.17.13 - Authenticated (Admin+) SQL injection — GSpeech TTS – WordPress Text To Speech Plugin | 4.9 | Medium | 2025-10-18 |
| CVE-2025-62655 | SQL injection in Cargo via Special:CargoExport — MediaWiki Cargo extension | 9.8 (AI) | Critical (AI) | 2025-10-17 |
| CVE-2025-11912 | Shenzhen Ruiming Technology Streamax Crocus DeviceState.do Query sql injection — Streamax Crocus | 6.3 | Medium | 2025-10-17 |
| CVE-2025-11911 | Shenzhen Ruiming Technology Streamax Crocus DeviceFault.do Query sql injection — Streamax Crocus | 6.3 | Medium | 2025-10-17 |
| CVE-2025-11910 | Shenzhen Ruiming Technology Streamax Crocus MemoryState.do query sql injection — Streamax Crocus | 6.3 | Medium | 2025-10-17 |
| CVE-2025-11909 | Shenzhen Ruiming Technology Streamax Crocus RepairRecord.do queryLast sql injection — Streamax Crocus | 6.3 | Medium | 2025-10-17 |
| CVE-2025-62422 | DataEase SQL injection vulnerability — dataease | 9.8 (AI) | Critical (AI) | 2025-10-17 |
| CVE-2025-11904 | yanyutao0402 ChanCMS hasUse sql injection — ChanCMS | 6.3 | Medium | 2025-10-17 |
| CVE-2025-11903 | yanyutao0402 ChanCMS update sql injection — ChanCMS | 6.3 | Medium | 2025-10-17 |
| CVE-2025-11902 | yanyutao0402 ChanCMS findField sql injection — ChanCMS | 6.3 | Medium | 2025-10-17 |
| CVE-2025-62423 | ClipBucket V5 Blind SQL injection in the Admin Panel — clipbucket-v5 | 6.7 | Medium | 2025-10-16 |
| CVE-2025-41019 | SQL injection vulnerability in Sergestec's Exito — SISTICK | 9.8 (AI) | Critical (AI) | 2025-10-16 |
| CVE-2025-41018 | SQL injection vulnerability in Sergestec's Exito — Exito | 9.8 (AI) | Critical (AI) | 2025-10-16 |
| CVE-2025-10682 | TARIFFUXX <= 1.4 - Authenticated (Contributor+) SQL Injection via tariffuxx_configurator Shortcode — TARIFFUXX | 6.5 | Medium | 2025-10-15 |
| CVE-2025-11365 | WP Google Map Plugin <= 1.0 - Authenticated (Contributor+) SQL Injection — WP Google Map Plugin | 6.5 | Medium | 2025-10-15 |
| CVE-2025-10743 | Outdoor <= 1.3.2 - Unauthenticated SQL Injection — Outdoor | 7.5 | High | 2025-10-15 |
| CVE-2025-11177 | External Login <= 1.11.2 - Unauthenticated SQL Injection via log — External Login | 7.5 | High | 2025-10-15 |
| CVE-2025-10575 | WP jQuery Pager <= 1.4.0 - Authenticated (Contributor+) SQL Injection via Shortcode — WP jQuery Pager | 6.5 | Medium | 2025-10-15 |
| CVE-2025-10730 | Wp tabber widget <= 4.0 - Authenticated (Contributor+) SQL Injection — Wp tabber widget | 6.5 | Medium | 2025-10-15 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8851 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.