CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8853

8853 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-10575	WP jQuery Pager <= 1.4.0 - Authenticated (Contributor+) SQL Injection via Shortcode — WP jQuery Pager	6.5	Medium	2025-10-15
CVE-2025-10730	Wp tabber widget <= 4.0 - Authenticated (Contributor+) SQL Injection — Wp tabber widget	6.5	Medium	2025-10-15
CVE-2025-10045	onOffice for WP-Websites <= 6.5.1 - Authenticated (Editor+) SQL Injection — onOffice for WP-Websites	4.9	Medium	2025-10-15
CVE-2025-10310	Rich Snippet Site Report <= 2.0.0105 - Authenticated (Admin+) SQL Injection — Rich Snippet Site Report	4.9	Medium	2025-10-15
CVE-2025-10660	WP Dashboard Chat <= 1.0.3 - Authenticated (Contributor+) SQL Injection via id — WP Dashboard Chat	6.5	Medium	2025-10-15
CVE-2025-11501	Dynamically Display Posts <= 1.1 - Unauthenticated SQL Injection — Dynamically Display Posts	7.5	High	2025-10-15
CVE-2025-61675	FreePBX Endpoint Manager vulnerable to authenticated SQL injection in multiple configuration parameters — endpoint	8.1^AI	High^AI	2025-10-14
CVE-2025-11736	itsourcecode Online Examination System index.php sql injection — Online Examination System	7.3	High	2025-10-14
CVE-2025-59213	Configuration Manager Elevation of Privilege Vulnerability — Microsoft Configuration Manager	8.8	High	2025-10-14
CVE-2025-55320	Configuration Manager Elevation of Privilege Vulnerability — Microsoft Configuration Manager	6.8	Medium	2025-10-14
CVE-2025-10610	SQLi in SFS Winsure — Winsure	9.8	Critical	2025-10-14
CVE-2025-40755	Siemens SINEC NMS SQL注入漏洞 — SINEC NMS	8.8	High	2025-10-14
CVE-2025-62360	WeGIA SQL Injection via 'id_dependente' param at endpoint `/html/funcionario/dependente_documento.php` — WeGIA	8.8^AI	High^AI	2025-10-13
CVE-2025-62179	WeGIA SQL Injection via 'cpf' param at endpoint `/html/funcionario/cadastro_funcionario_pessoa_existente.php` — WeGIA	8.8^AI	High^AI	2025-10-13
CVE-2025-62384	Ivanti Endpoint Manager（EPM） SQL注入漏洞 — Endpoint Manager	6.5	Medium	2025-10-13
CVE-2025-62386	Ivanti Endpoint Manager（EPM） SQL注入漏洞 — Endpoint Manager	6.5	Medium	2025-10-13
CVE-2025-62383	Ivanti Endpoint Manager SQL注入漏洞 — Endpoint Manager	6.5	Medium	2025-10-13
CVE-2025-62391	Ivanti Endpoint Manager（EPM） SQL注入漏洞 — Endpoint Manager	6.5	Medium	2025-10-13
CVE-2025-62385	Ivanti Endpoint Manager SQL注入漏洞 — Endpoint Manager	6.5	Medium	2025-10-13
CVE-2025-62387	Ivanti Endpoint Manager SQL注入漏洞 — Endpoint Manager	6.5	Medium	2025-10-13
CVE-2025-62388	Ivanti Endpoint Manager SQL注入漏洞 — Endpoint Manager	6.5	Medium	2025-10-13
CVE-2025-62389	Ivanti Endpoint Manager SQL注入漏洞 — Endpoint Manager	6.5	Medium	2025-10-13
CVE-2025-62390	Ivanti Endpoint Manager（EPM） SQL注入漏洞 — Endpoint Manager	6.5	Medium	2025-10-13
CVE-2025-62392	Ivanti Endpoint Manager SQL注入漏洞 — Endpoint Manager	6.5	Medium	2025-10-13
CVE-2025-62177	WeGIA vulnerable to SQL Injection via 'id_funcionario' param at endpoint `/html/funcionario/dependente_listar.php` — WeGIA	8.8^AI	High^AI	2025-10-13
CVE-2025-11623	Ivanti Endpoint Manager SQL注入漏洞 — Endpoint Manager	6.5	Medium	2025-10-13
CVE-2025-6919	SQLi in Cats Informatics' Aykome — Aykome License Tracking System	9.8	Critical	2025-10-13
CVE-2025-11668	code-projects Automated Voting System update_user.php sql injection — Automated Voting System	4.7	Medium	2025-10-13
CVE-2025-11667	code-projects Automated Voting System add_candidate_modal.php. sql injection — Automated Voting System	6.3	Medium	2025-10-13
CVE-2025-11664	Campcodes Online Beauty Parlor Management System search-appointment.php sql injection — Online Beauty Parlor Management System	4.7	Medium	2025-10-13

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8853 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8853