CWE-89 (Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)) — Vulnerability Class 8861

8861 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-9425 | itsourcecode Online Tour and Travel Management System enquiry.php sql injection — Online Tour and Travel Management System | 7.3 | High | 2025-08-25 |
| CVE-2025-9423 | Campcodes Online Water Billing System editecex.php sql injection — Online Water Billing System | 7.3 | High | 2025-08-25 |
| CVE-2025-9421 | itsourcecode Apartment Management System addcomplain.php sql injection — Apartment Management System | 7.3 | High | 2025-08-25 |
| CVE-2025-9420 | itsourcecode Apartment Management System addfloor.php sql injection — Apartment Management System | 7.3 | High | 2025-08-25 |
| CVE-2025-9419 | itsourcecode Apartment Management System addunit.php sql injection — Apartment Management System | 7.3 | High | 2025-08-25 |
| CVE-2025-9418 | itsourcecode Apartment Management System addowner.php sql injection — Apartment Management System | 7.3 | High | 2025-08-25 |
| CVE-2025-9417 | itsourcecode Apartment Management System addemployee.php sql injection — Apartment Management System | 6.3 | Medium | 2025-08-25 |
| CVE-2025-9413 | lostvip-com ruoyi-go system_router.go SelectListByPage sql injection — ruoyi-go | 6.3 | Medium | 2025-08-25 |
| CVE-2025-9412 | lostvip-com ruoyi-go DictDataDao.go SelectListByPage sql injection — ruoyi-go | 6.3 | Medium | 2025-08-25 |
| CVE-2025-9411 | lostvip-com ruoyi-go LoginInforService.go SelectPageList sql injection — ruoyi-go | 6.3 | Medium | 2025-08-25 |
| CVE-2025-9410 | lostvip-com ruoyi-go GenTableDao.go SelectListByPage sql injection — ruoyi-go | 6.3 | Medium | 2025-08-25 |
| CVE-2025-9399 | YiFang CMS L_tool.php sql injection — CMS | 6.3 | Medium | 2025-08-25 |
| CVE-2025-9391 | Bjskzy Zhiyou ERP com.artery.workflow.ServiceImpl getFieldValue sql injection — Zhiyou ERP | 6.3 | Medium | 2025-08-24 |
| CVE-2025-6791 | Second order SQL injection available to user with low privilege — web | 8.8 | High | 2025-08-22 |
| CVE-2025-4650 | User with high privileges is able to introduce a SQLi using the Meta Service indicator page — web | 7.2 | High | 2025-08-22 |
| CVE-2025-9255 | Uniong\|WebITR - SQL Injection — WebITR | 7.5 | High | 2025-08-22 |
| CVE-2025-9311 | itsourcecode Apartment Management System addfair.php sql injection — Apartment Management System | 7.3 | High | 2025-08-21 |
| CVE-2025-57761 | WeGIA SQL Injection vulnerability via 'id_funcionario' param at endpoint `/html/funcionario/dependente_remover.php` — WeGIA | 9.8 (AI) | Critical (AI) | 2025-08-21 |
| CVE-2025-9307 | PHPGurukul Online Course Registration session.php sql injection — Online Course Registration | 7.3 | High | 2025-08-21 |
| CVE-2025-9305 | SourceCodester Online Bank Management System mnotice.php sql injection — Online Bank Management System | 7.3 | High | 2025-08-21 |
| CVE-2025-9304 | SourceCodester Online Bank Management System show.php sql injection — Online Bank Management System | 7.3 | High | 2025-08-21 |
| CVE-2025-9302 | PHPGurukul User Management System signup.php sql injection — User Management System | 7.3 | High | 2025-08-21 |
| CVE-2025-9238 | Swatadru Exam-Seating-Arrangement Student Login student.php sql injection — Exam-Seating-Arrangement | 7.3 | High | 2025-08-20 |
| CVE-2025-9236 | Portabilis i-Educar Tipos de usuàrio educar_tipo_usuario_lst.php sql injection — i-Educar | 6.3 | Medium | 2025-08-20 |
| CVE-2025-55732 | Frappe has the possibility of SQL Injection due to improper validations — frappe | 7.5 (AI) | High (AI) | 2025-08-20 |
| CVE-2025-55731 | Frappe has the possibility of Authenticated SQL Injection due to improper validations — frappe | 7.5 (AI) | High (AI) | 2025-08-20 |
| CVE-2025-49891 | WordPress Uxper Booking Plugin <= 1.3.3 - SQL Injection Vulnerability — Uxper Booking | 8.5 | High | 2025-08-20 |
| CVE-2025-54048 | WordPress Custom API for WP <= 4.2.2 - SQL Injection Vulnerability — Custom API for WP | 9.3 | Critical | 2025-08-20 |
| CVE-2025-54726 | WordPress JS Archive List Plugin < 6.1.6 - SQL Injection Vulnerability — JS Archive List | 9.3 | Critical | 2025-08-20 |
| CVE-2025-9156 | itsourcecode Sports Management System sports.php sql injection — Sports Management System | 7.3 | High | 2025-08-19 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)) account for 8861 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.