CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8863

8863 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-25257 | Fortinet FortiWeb SQL Injection Vulnerability — FortiWeb | 9.6 | Critical | 2025-07-17 |
| CVE-2025-54062 | WeGIA SQL Injection (Blind Time-Based) Vulnerability in id_dependente Parameter on profile_dependente.php Endpoint — WeGIA | 9.8 (AI) | Critical (AI) | 2025-07-17 |
| CVE-2025-54061 | WeGIA SQL Injection (Blind Time-Based) Vulnerability in idatendido_familiares Parameter on dependente_editarDoc.php Endpoint — WeGIA | 8.1 (AI) | High (AI) | 2025-07-17 |
| CVE-2025-54060 | WeGIA SQL Injection (Blind Time-Based) Vulnerability in idatendido_familiares Parameter on dependente_editarInfoPessoal.php Endpoint — WeGIA | 8.1 (AI) | High (AI) | 2025-07-17 |
| CVE-2025-54058 | WeGIA SQL Injection (Blind Time-Based) Vulnerability in idatendido_familiares Parameter on dependente_editarEndereco.php Endpoint — WeGIA | 8.1 (AI) | High (AI) | 2025-07-17 |
| CVE-2025-53946 | WeGIA vulnerable to SQL Injection in endpoint profile_paciente.php parameter id_fichamedica — WeGIA | 9.1 (AI) | Critical (AI) | 2025-07-17 |
| CVE-2025-7735 | UNIMAX\|Hospital Information System - SQL Injection — Hospital Information System | 7.5 | High | 2025-07-17 |
| CVE-2025-20272 | Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Blind SQL Injection Vulnerability — Cisco Evolved Programmable Network Manager (EPNM) | 4.3 | Medium | 2025-07-16 |
| CVE-2025-53937 | WeGIA has SQL Injection (Blind Time-Based) Vulnerability in `cargo` Parameter on `control.php` Endpoint — WeGIA | 8.8 (AI) | High (AI) | 2025-07-16 |
| CVE-2025-24759 | WordPress WP-BusinessDirectory <= 3.1.5 - SQL Injection vulnerability — WP-BusinessDirectory | 9.3 | Critical | 2025-07-16 |
| CVE-2025-28959 | WordPress URL Shortener <= 3.0.7 - SQL Injection Vulnerability — URL Shortener | 9.3 | Critical | 2025-07-16 |
| CVE-2025-28982 | WordPress WP Pipes plugin <= 1.4.3 - SQL Injection Vulnerability — WP Pipes | 9.3 | Critical | 2025-07-16 |
| CVE-2025-30936 | WordPress Torod plugin <= 2.1 - SQL Injection vulnerability — Torod | 9.3 | Critical | 2025-07-16 |
| CVE-2025-32574 | WordPress WPGYM plugin <= 65.0 - SQL Injection vulnerability — WPGYM | 8.5 | High | 2025-07-16 |
| CVE-2025-47645 | WordPress ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes plugin <= 1.4.9 - Subscriber+ SQL Injection vulnerability — ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes | 8.5 | High | 2025-07-16 |
| CVE-2025-49034 | WordPress Funnel Builder by FunnelKit plugin <= 3.10.2 - SQL Injection vulnerability — Funnel Builder by FunnelKit | 7.6 | High | 2025-07-16 |
| CVE-2025-49876 | WordPress ProfileGrid plugin <= 5.9.5.2 - SQL Injection vulnerability — ProfileGrid | 8.5 | High | 2025-07-16 |
| CVE-2025-52714 | WordPress Traveler theme < 3.2.2 - SQL Injection Vulnerability — Traveler | 9.3 | Critical | 2025-07-16 |
| CVE-2025-52819 | WordPress Pakke Envíos plugin <= 1.0.2 - SQL Injection Vulnerability — Pakke Envíos | 8.5 | High | 2025-07-16 |
| CVE-2025-48161 | WordPress YaySMTP plugin <= 1.3 - SQL Injection Vulnerability — YaySMTP | 7.6 | High | 2025-07-16 |
| CVE-2025-48299 | WordPress YayExtra plugin <= 1.5.5 - SQL Injection Vulnerability — YayExtra | 7.6 | High | 2025-07-16 |
| CVE-2025-48301 | WordPress SMTP for SendGrid – YaySMTP plugin <= 1.5 - SQL Injection Vulnerability — SMTP for SendGrid – YaySMTP | 7.6 | High | 2025-07-16 |
| CVE-2025-54043 | WordPress SMTP for Amazon SES plugin <= 1.9 - SQL Injection Vulnerability — SMTP for Amazon SES | 7.6 | High | 2025-07-16 |
| CVE-2025-54026 | WordPress GymBase Theme Classes plugin <= 1.4 - SQL Injection Vulnerability — GymBase Theme Classes | 8.5 | High | 2025-07-16 |
| CVE-2025-40985 | SQL Injection in SCATI Vision Web — SCATI Vision Web | 9.1 (AI) | Critical (AI) | 2025-07-16 |
| CVE-2025-34112 | Riverbed SteelCentral NetProfiler / NetExpress 10.8.7 RCE — SteelCentral NetExpress | 8.8 (AI) | High (AI) | 2025-07-15 |
| CVE-2025-53823 | WeGIA vulnerable to SQL Injection (Blind Time-Based) in `processa_deletar_socio.php` parameter `id_socio` — WeGIA | 9.8 (AI) | Critical (AI) | 2025-07-14 |
| CVE-2025-53639 | Metersphere has SQL Injection Vulnerability in Sorting Field — metersphere | 8.8 (AI) | High (AI) | 2025-07-14 |
| CVE-2025-7612 | code-projects Mobile Shop login.php sql injection — Mobile Shop | 7.3 | High | 2025-07-14 |
| CVE-2025-7611 | code-projects Wedding Reservation global.php sql injection — Wedding Reservation | 7.3 | High | 2025-07-14 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8863 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.