CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8861

8861 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-55168 | WeGIA SQL Injection via id_fichamedica at endpoint `GET /html/saude/aplicar_medicamento.php` — WeGIA | 9.8 (AI) | Critical (AI) | 2025-08-12 |
| CVE-2025-47954 | Microsoft SQL Server Elevation of Privilege Vulnerability — Microsoft SQL Server 2022 (CU 20) | 8.8 | High | 2025-08-12 |
| CVE-2025-49759 | Microsoft SQL Server Elevation of Privilege Vulnerability — Microsoft SQL Server 2016 Service Pack 3 (GDR) | 8.8 | High | 2025-08-12 |
| CVE-2025-53727 | Microsoft SQL Server Elevation of Privilege Vulnerability — Microsoft SQL Server 2016 Service Pack 3 (GDR) | 8.8 | High | 2025-08-12 |
| CVE-2025-55167 | WeGIA SQL Injection via id_fichamedica at endpoint `GET /html/funcionario/dependente_remover.php` — WeGIA | 9.8 (AI) | Critical (AI) | 2025-08-12 |
| CVE-2025-8296 | Ivanti Avalanche SQL Injection Vulnerability — Avalanche | 7.2 | High | 2025-08-12 |
| CVE-2025-55156 | PyLoad vulnerable to SQL Injection via API /json/add_package in add_links parameter — pyload | 9.1 (AI) | Critical (AI) | 2025-08-11 |
| CVE-2024-32640 | MasaCMS SQL Injection vulnerability — MasaCMS | 9.8 | Critical | 2025-08-11 |
| CVE-2025-8811 | code-projects Simple Art Gallery registration.php sql injection — Simple Art Gallery | 7.3 | High | 2025-08-10 |
| CVE-2025-8809 | code-projects Online Medicine Guide addelidetails.php sql injection — Online Medicine Guide | 7.3 | High | 2025-08-10 |
| CVE-2025-8806 | zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 treeData sql injection — ADP Application Developer Platform 应用开发者平台 | 6.3 | Medium | 2025-08-10 |
| CVE-2025-8773 | Dinstar Monitoring Platform 甘肃省危险品库监控平台 login_getPasswordErrorNum.action sql injection — Monitoring Platform 甘肃省危险品库监控平台 | 7.3 | High | 2025-08-09 |
| CVE-2025-8744 | CesiumLab Web lodmodels sql injection — Web | 7.3 | High | 2025-08-08 |
| CVE-2012-10047 | Cyclope Employee Surveillance Solution v6.x SQL Injection — Cyclope Employee Surveillance Solution | 9.8 | - | 2025-08-08 |
| CVE-2025-8706 | Wanzhou WOES Intelligent Optimization Energy Saving System Energy Overview Module CreateFunctionLog sql injection — WOES Intelligent Optimization Energy Saving System | 6.3 | Medium | 2025-08-08 |
| CVE-2025-8705 | Wanzhou WOES Intelligent Optimization Energy Saving System Energy Overview Module GetTargetConfig sql injection — WOES Intelligent Optimization Energy Saving System | 6.3 | Medium | 2025-08-08 |
| CVE-2025-8704 | Wanzhou WOES Intelligent Optimization Energy Saving System Analysis Conclusion Query Module GetAlarmResultProcessList sql injection — WOES Intelligent Optimization Energy Saving System | 6.3 | Medium | 2025-08-08 |
| CVE-2025-8703 | Wanzhou WOES Intelligent Optimization Energy Saving System Environmental Real-Time Data Module GetAreaTrendChartData sql injection — WOES Intelligent Optimization Energy Saving System | 6.3 | Medium | 2025-08-08 |
| CVE-2025-8702 | Wanzhou WOES Intelligent Optimization Energy Saving System Historical Data Query Module GetVariableByOneIDNew sql injection — WOES Intelligent Optimization Energy Saving System | 6.3 | Medium | 2025-08-07 |
| CVE-2025-8701 | Wanzhou WOES Intelligent Optimization Energy Saving System GetPageList sql injection — WOES Intelligent Optimization Energy Saving System | 6.3 | Medium | 2025-08-07 |
| CVE-2025-54788 | SuiteCRM: Authenticated Blind SQL Injection in InboundEmail module — SuiteCRM | 8.8 | High | 2025-08-06 |
| CVE-2025-6986 | FileBird – WordPress Media Library Folders & File Manager <= 6.4.8 - Authenticated (Author+) SQL Injection — FileBird – WordPress Media Library Folders & File Manager | 6.5 | Medium | 2025-08-06 |
| CVE-2025-7036 | CleverReach WP <= 1.5.20 - Unauthenticated SQL Injection via title Parameter — CleverReach® WP | 7.5 | High | 2025-08-06 |
| CVE-2025-54119 | ADOdb's sqlite3 driver allows SQL injection — ADOdb | 10.0 | Critical | 2025-08-05 |
| CVE-2025-54865 | Tilesheets MediaWiki Extension is Vulnerable to Potential SQL Injection — Tilesheets | 7.3 | High | 2025-08-05 |
| CVE-2025-8503 | code-projects Online Medicine Guide adaddmed.php sql injection — Online Medicine Guide | 7.3 | High | 2025-08-03 |
| CVE-2025-8502 | code-projects Online Medicine Guide changepass.php sql injection — Online Medicine Guide | 7.3 | High | 2025-08-03 |
| CVE-2025-8500 | code-projects Human Resource Integrated System action.php sql injection — Human Resource Integrated System | 6.3 | Medium | 2025-08-03 |
| CVE-2025-8499 | code-projects Online Medicine Guide cusfindambulence2.php sql injection — Online Medicine Guide | 7.3 | High | 2025-08-03 |
| CVE-2025-8498 | code-projects Online Medicine Guide index.php sql injection — Online Medicine Guide | 7.3 | High | 2025-08-03 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8861 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.