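CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8880

8880 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.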

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-0391 | Guangzhou Huayi Intelligent Technology Jeewms CgFormBuildController.java saveOrUpdate sql injection — Jeewms | 6.3 | Medium | 2025-01-11 |
| CVE-2025-0103 | Expedition: SQL Injection Vulnerability — Cloud NGFW | 8.1 | - | 2025-01-11 |
| CVE-2024-12404 | CF Internal Link Shortcode <= 1.1.0 - Unauthenticated SQL Injection — CF Internal Link Shortcode | 7.5 | High | 2025-01-11 |
| CVE-2024-9134 | Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges. — Arista Edge Threat Management | 8.3 | High | 2025-01-10 |
| CVE-2024-12473 | AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) <= 2.5 - Authenticated (Contributor+) SQL Injection — Opace AI Scribe: SEO Content Creator & Humaizer for OpenAI & Anthropic | 6.5 | Medium | 2025-01-10 |
| CVE-2025-21628 | Chatwoot has a Blind SQL-injection in Conversation and Contacts filters — chatwoot | 9.1 | Critical | 2025-01-09 |
| CVE-2025-22505 | WordPress NC Wishlist for Woocommerce Plugin <= 1.0.1 - SQL Injection vulnerability — NC Wishlist for Woocommerce | 8.5 | High | 2025-01-09 |
| CVE-2025-22527 | WordPress Mailing Group Listserv Plugin <= 2.0.9 - SQL Injection vulnerability — Mailing Group Listserv | 7.6 | High | 2025-01-09 |
| CVE-2025-22535 | WordPress WPListCal Plugin <= 1.3.5 - SQL Injection vulnerability — WPListCal | 8.5 | High | 2025-01-09 |
| CVE-2025-22537 | WordPress Google Maps Travel Route Plugin <= 1.3.1 - SQL Injection vulnerability — Google Maps Travel Route | 8.5 | High | 2025-01-09 |
| CVE-2025-22540 | WordPress Emailing Subscription Plugin <= 1.4.1 - SQL Injection vulnerability — Emailing Subscription | 9.3 | Critical | 2025-01-09 |
| CVE-2025-22542 | WordPress Virtual Bot Plugin <= 1.0.0 - SQL Injection vulnerability — Virtual Bot | 9.3 | Critical | 2025-01-09 |
| CVE-2024-12067 | WP Travel – Ultimate Travel Booking System, Tour Management Engine <= 10.0.0 - Authenticated (Subscriber+) SQL Injection — WP Travel – Ultimate Travel Booking System, Tour Management Engine | 6.5 | Medium | 2025-01-09 |
| CVE-2025-0347 | code-projects Admission Management System Login index.php sql injection — Admission Management System | 7.3 | High | 2025-01-09 |
| CVE-2025-0345 | leiyuxi cy-fast listData sql injection — cy-fast | 6.3 | Medium | 2025-01-09 |
| CVE-2025-0344 | leiyuxi cy-fast listData sql injection — cy-fast | 6.3 | Medium | 2025-01-09 |
| CVE-2025-0340 | code-projects Cinema Seat Reservation System deleteBooking.php sql injection — Cinema Seat Reservation System | 7.3 | High | 2025-01-09 |
| CVE-2025-0336 | Codezips Project Management System teacher.php sql injection — Project Management System | 6.3 | Medium | 2025-01-09 |
| CVE-2025-0334 | leiyuxi cy-fast listData sql injection — cy-fast | 6.3 | Medium | 2025-01-09 |
| CVE-2025-0333 | leiyuxi cy-fast listData sql injection — cy-fast | 6.3 | Medium | 2025-01-09 |
| CVE-2024-13204 | kurniaramadhan E-Commerce-PHP blog-details.php sql injection — E-Commerce-PHP | 5.5 | Medium | 2025-01-09 |
| CVE-2024-13194 | Sucms admin_members.php sql injection — Sucms | 6.3 | Medium | 2025-01-08 |
| CVE-2024-13193 | SEMCMS Image Library Management Page SEMCMS_Images.php sql injection — SEMCMS | 6.3 | Medium | 2025-01-08 |
| CVE-2025-22141 | WeGIA SQL Injection (Blind Time-Based) endpoint 'verificar_recursos_cargo.php' parameter 'cargo' — WeGIA | 9.8 | - | 2025-01-08 |
| CVE-2025-22140 | WeGIA SQL Injection (Blind Time-Based) endpoint 'dependente_listar_um.php' parameter 'id_dependente' — WeGIA | 9.8 | - | 2025-01-08 |
| CVE-2024-11939 | Cost Calculator Builder PRO <= 3.2.15 - Unauthenticated SQL Injection via data — Cost Calculator Builder PRO | 7.5 | High | 2025-01-08 |
| CVE-2024-12030 | MDTF – Meta Data and Taxonomies Filter <= 1.3.3.5 - Authenticated (Contributor+) SQL Injection — MDTF – Meta Data and Taxonomies Filter | 6.5 | Medium | 2025-01-08 |
| CVE-2025-0300 | code-projects Online Book Shop subcat.php sql injection — Online Book Shop | 6.3 | Medium | 2025-01-07 |
| CVE-2025-22350 | WordPress Indeed Ultimate Learning Pro plugin <= 3.9 - SQL Injection vulnerability — Ultimate Learning Pro | 7.6 | High | 2025-01-07 |
| CVE-2025-0299 | code-projects Online Book Shop search_result.php sql injection — Online Book Shop | 6.3 | Medium | 2025-01-07 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8880 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.