Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8861

8861 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-0729 code-projects Intern Membership Management System add_activity.php sql injection — Intern Membership Management System 4.7 Medium2026-01-08
CVE-2026-0728 code-projects Intern Membership Management System delete_admin.php sql injection — Intern Membership Management System 4.7 Medium2026-01-08
CVE-2026-21892 Parsl Monitoring Visualization Vulnerable to SQL Injection — parsl 5.3 Medium2026-01-08
CVE-2025-67928 WordPress Automotive Listings plugin <= 18.6 - SQL Injection vulnerability — Automotive Listings 9.3 Critical2026-01-08
CVE-2025-67921 WordPress Lobo theme < 2.8.6 - SQL Injection vulnerability — Lobo 8.5 High2026-01-08
CVE-2025-22728 WordPress Workreap (theme's plugin) plugin <= 3.3.6 - SQL Injection vulnerability — Workreap (theme's plugin) 8.5 High2026-01-08
CVE-2025-23993 WordPress Felan Framework plugin <= 1.1.3 - SQL Injection vulnerability — Felan Framework 9.3 Critical2026-01-08
CVE-2025-22713 WordPress WooCommerce Orders & Customers Exporter plugin <= 5.4 - SQL Injection vulnerability — WooCommerce Orders & Customers Exporter 8.5 High2026-01-08
CVE-2026-0701 code-projects Intern Membership Management System add_admin.php sql injection — Intern Membership Management System 4.7 Medium2026-01-08
CVE-2026-0700 code-projects Intern Membership Management System check_admin.php sql injection — Intern Membership Management System 7.3 High2026-01-08
CVE-2026-0699 code-projects Intern Membership Management System edit_activity.php sql injection — Intern Membership Management System 4.7 Medium2026-01-08
CVE-2026-0698 code-projects Intern Membership Management System edit_students.php sql injection — Intern Membership Management System 4.7 Medium2026-01-08
CVE-2026-0697 code-projects Intern Membership Management System edit_admin.php sql injection — Intern Membership Management System 4.7 Medium2026-01-08
CVE-2026-21875 ClipBucket v5 Vulnerable to Blind SQL Injection through Channel Comments — clipbucket-v5 9.8 Critical2026-01-07
CVE-2023-7333 bluelabsio records-mover Table Object sql injection — records-mover 5.3 Medium2026-01-07
CVE-2026-21856 Tarkov Data Manager has Authenticated SQL Injection — tarkov-data-manager 7.2 High2026-01-07
CVE-2025-32303 WordPress WPCHURCH plugin <= 2.7.0 - SQL Injection Vulnerability — WPCHURCH 9.3 Critical2026-01-07
CVE-2025-69351 WordPress Ninja Tables plugin <= 5.2.4 - SQL Injection vulnerability — Ninja Tables 8.5 High2026-01-06
CVE-2025-9318 Quiz and Survey Master (QSM) <= 10.3.1 - Authenticated (Subscriber+) SQL Injection via `is_linking` Query Parameter — Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker 6.5 Medium2026-01-06
CVE-2025-14153 Page Expire Popup/Redirection for WordPress <= 1.0 - Authenticated (Author+) SQL Injection via 'id' Shortcode Attribute — Page Expire Popup/Redirection for WordPress 6.5 Medium2026-01-06
CVE-2025-13652 CBX Bookmark & Favorite <= 2.0.4 - Authenticated (Subscriber+) SQL Injection via `orderby` Parameter — CBX Bookmark & Favorite 6.5 Medium2026-01-06
CVE-2025-13409 Form Vibes – Database Manager for Forms <= 1.4.13 - Authenticated (Admin+) SQL Injection — Form Vibes – Database Manager for Forms 4.9 Medium2026-01-06
CVE-2026-0607 code-projects Online Music Site AdminViewSongs.php sql injection — Online Music Site 7.3 High2026-01-05
CVE-2026-0606 code-projects Online Music Site Albums.php sql injection — Online Music Site 7.3 High2026-01-05
CVE-2026-0605 code-projects Online Music Site login.php sql injection — Online Music Site 7.3 High2026-01-05
CVE-2025-39484 WordPress Entrada Theme <= 5.7.7 - SQL Injection vulnerability — Entrada 9.3 Critical2026-01-05
CVE-2025-15029 An unauthenticated user is able to introduce SQL Injection using the Awie export module — Infra Monitoring 9.8 Critical2026-01-05
CVE-2026-0597 Campcodes Supplier Management System edit_profile.php sql injection — Supplier Management System 6.3 Medium2026-01-05
CVE-2026-0592 code-projects Online Product Reservation System User Registration register_code.php sql injection — Online Product Reservation System 7.3 High2026-01-05
CVE-2026-0591 code-projects Online Product Reservation System Cart Update update.php sql injection — Online Product Reservation System 6.3 Medium2026-01-05

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8861 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.