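CWE-89 (Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)) — Vulnerability Class 8861

8861 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)). AI Chinese analysis included.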

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-14939 | code-projects Online Appointment Booking System deletemanager.php sql injection — Online Appointment Booking System | 4.7 | Medium | 2025-12-19 |
| CVE-2025-14900 | CodeAstro Real Estate Management System Administrator Endpoint userdelete.php sql injection — Real Estate Management System | 4.7 | Medium | 2025-12-19 |
| CVE-2025-14899 | CodeAstro Real Estate Management System Administrator Endpoint stateadd.php sql injection — Real Estate Management System | 4.7 | Medium | 2025-12-19 |
| CVE-2025-14898 | CodeAstro Real Estate Management System Administrator Endpoint userbuilderdelete.php sql injection — Real Estate Management System | 4.7 | Medium | 2025-12-18 |
| CVE-2025-14897 | CodeAstro Real Estate Management System Administrator Endpoint useragentdelete.php sql injection — Real Estate Management System | 4.7 | Medium | 2025-12-18 |
| CVE-2025-46268 | Advantech WebAccess/SCADA SQL Injection — WebAccess/SCADA | 6.3 | Medium | 2025-12-18 |
| CVE-2023-53935 | WBiz Desk 1.2 SQL Injection Vulnerability via ticket.php Parameter — WBiz Desk | 5.4 | Medium | 2025-12-18 |
| CVE-2021-47711 | Kentico Xperience <= 13.0.52 Online Marketing Macros SQL Injection — Xperience | 8.8 | High | 2025-12-18 |
| CVE-2025-14877 | Campcodes Supplier Management System add_retailer.php sql injection — Supplier Management System | 7.3 | High | 2025-12-18 |
| CVE-2025-64371 | WordPress Traveler theme < 3.2.6 - SQL Injection vulnerability — Traveler | 8.5 | High | 2025-12-18 |
| CVE-2025-60062 | WordPress tPlayer plugin <= 1.2.1.6 - SQL Injection vulnerability — tPlayer | 9.3 | Critical | 2025-12-18 |
| CVE-2025-58951 | WordPress Advance Seat Reservation Management for WooCommerce plugin <= 3.1 - SQL Injection vulnerability — Advance Seat Reservation Management for WooCommerce | 9.3 | Critical | 2025-12-18 |
| CVE-2025-14314 | WordPress PopupKit plugin <= 2.1.5 - SQL Injection vulnerability — PopupKit | 8.5 | High | 2025-12-18 |
| CVE-2025-14834 | code-projects Simple Stock System checkuser.php sql injection — Simple Stock System | 6.3 | Medium | 2025-12-17 |
| CVE-2023-53917 | Affiliate Me 5.0.1 SQL Injection Vulnerability via Admin Panel — Affiliate Me | 6.5 | Medium | 2025-12-17 |
| CVE-2023-53926 | PHPJabbers Simple CMS 5.0 SQL Injection via Column Parameter — Simple CMS | 9.8 | Critical | 2025-12-17 |
| CVE-2025-14833 | code-projects Online Appointment Booking System deletemanagerclinic.php sql injection — Online Appointment Booking System | 7.3 | High | 2025-12-17 |
| CVE-2025-14832 | itsourcecode Online Cake Ordering System updateproduct.php sql injection — Online Cake Ordering System | 7.3 | High | 2025-12-17 |
| CVE-2025-68400 | ChurchCRM vulnerable to time-based blind SQL Injection in ConfirmReportEmail.php — CRM | 8.8 AI | High AI | 2025-12-17 |
| CVE-2025-68112 | ChurchCRM has SQL injection in EditEventAttendees.php — CRM | 9.6 | Critical | 2025-12-17 |
| CVE-2025-68111 | ChurchCRM has SQL Injection in eGive Import Feature — CRM | 7.2 | High | 2025-12-17 |
| CVE-2025-67877 | ChurchCRM SQL Injection Vulnerability — CRM | 8.8 AI | High AI | 2025-12-17 |
| CVE-2025-66396 | ChurchCRM has SQL Injection in User Editor via `type` Parameter Key — CRM | 7.2 | High | 2025-12-17 |
| CVE-2025-66395 | SQL Injection in Event List via `WhichType` Parameter — CRM | 8.8 | High | 2025-12-17 |
| CVE-2025-14780 | Xiongwei Smart Catering Cloud Platform dish_trade_detail_get sql injection — Smart Catering Cloud Platform | 6.3 | Medium | 2025-12-16 |
| CVE-2025-68056 | WordPress LBG Zoominoutslider plugin <= 5.4.4 - SQL Injection vulnerability — LBG Zoominoutslider | 8.5 | High | 2025-12-16 |
| CVE-2025-68053 | WordPress xPromoter plugin <= 1.3.4 - SQL Injection vulnerability — xPromoter | 8.5 | High | 2025-12-16 |
| CVE-2025-68055 | WordPress Hydra Booking plugin <= 1.1.32 - SQL Injection vulnerability — Hydra Booking | 8.5 | High | 2025-12-16 |
| CVE-2025-68054 | WordPress CountDown With Image or Video Background plugin <= 1.5 - SQL Injection vulnerability — CountDown With Image or Video Background | 8.5 | High | 2025-12-16 |
| CVE-2025-67999 | WordPress Newsletter plugin <= 9.0.9 - SQL Injection vulnerability — Newsletter | 7.6 | High | 2025-12-16 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)) represent 8861 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.