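CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8862

8862 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.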

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-14637 | itsourcecode Online Pet Shop Management System addcnp.php sql injection — Online Pet Shop Management System | 7.3 | High | 2025-12-13 |
| CVE-2025-14623 | code-projects Student File Management System update_student.php sql injection — Student File Management System | 7.3 | High | 2025-12-13 |
| CVE-2025-14622 | code-projects Student File Management System save_user.php sql injection — Student File Management System | 7.3 | High | 2025-12-13 |
| CVE-2025-14621 | code-projects Student File Management System update_user.php sql injection — Student File Management System | 7.3 | High | 2025-12-13 |
| CVE-2025-14620 | code-projects Student File Management System login_query.php sql injection — Student File Management System | 7.3 | High | 2025-12-13 |
| CVE-2025-14619 | code-projects Student File Management System login_query.php sql injection — Student File Management System | 7.3 | High | 2025-12-13 |
| CVE-2025-14590 | code-projects Prison Management System search1.php sql injection — Prison Management System | 7.3 | High | 2025-12-13 |
| CVE-2025-14589 | code-projects Prison Management System search.php sql injection — Prison Management System | 6.3 | Medium | 2025-12-13 |
| CVE-2025-14588 | itsourcecode Student Management System update_program.php sql injection — Student Management System | 7.3 | High | 2025-12-13 |
| CVE-2025-14587 | itsourcecode Online Pet Shop Management System available.php sql injection — Online Pet Shop Management System | 7.3 | High | 2025-12-13 |
| CVE-2025-10289 | Filter & Grids <= 3.2.0 - Unauthenticated SQL Injection — YMC Filter | 5.9 | Medium | 2025-12-13 |
| CVE-2025-10738 | URL Shortener Plugin For WordPress <= 3.0.7 - Unauthenticated SQL Injection — URL Shortener Plugin For WordPress | 9.8 | Critical | 2025-12-13 |
| CVE-2025-13077 | افزونه پیامک ووکامرس فوق حرفه ای (جدید) payamito sms woocommerce <= 1.3.5 - Unauthenticated Time-Based Blind SQL Injection — افزونه پیامک ووکامرس فوق حرفه ای (جدید) payamito sms woocommerce | 7.5 | High | 2025-12-13 |
| CVE-2025-14050 | Design Import/Export <= 2.2 - Authenticated (Administrator+) SQL Injection via XML File Import — Design Import/Export – Styles, Templates, Template Parts and Patterns | 4.9 | Medium | 2025-12-13 |
| CVE-2025-13089 | WP Directory Kit <= 1.4.7 - Unauthenticated SQL Injection — WP Directory Kit | 7.5 | High | 2025-12-13 |
| CVE-2025-14477 | 404 Solution <= 3.1.0 - Authenticated (Admin+) SQL Injection via 'filterText' Parameter — 404 Solution | 4.9 | Medium | 2025-12-13 |
| CVE-2025-14585 | itsourcecode COVID Tracking System page sql injection — COVID Tracking System | 7.3 | High | 2025-12-12 |
| CVE-2025-14584 | itsourcecode COVID Tracking System Admin Login login.php sql injection — COVID Tracking System | 7.3 | High | 2025-12-12 |
| CVE-2024-58316 | Online Shopping System Advanced 1.0 SQL Injection via Payment Success Parameter — online-shopping-system-advanced | 7.5 | High | 2025-12-12 |
| CVE-2025-14578 | itsourcecode Student Management System update_account.php sql injection — Student Management System | 7.3 | High | 2025-12-12 |
| CVE-2025-14571 | projectworlds Advanced Library Management System borrow_book.php sql injection — Advanced Library Management System | 7.3 | High | 2025-12-12 |
| CVE-2025-14570 | projectworlds Advanced Library Management System view_admin.php sql injection — Advanced Library Management System | 7.3 | High | 2025-12-12 |
| CVE-2025-14568 | haxxorsid Stock-Management-System User.php sql injection — Stock-Management-System | 6.3 | Medium | 2025-12-12 |
| CVE-2025-14566 | kidaze CourseSelectionSystem reg.php sql injection — CourseSelectionSystem | 7.3 | High | 2025-12-12 |
| CVE-2025-14565 | kidaze CourseSelectionSystem login1.php sql injection — CourseSelectionSystem | 7.3 | High | 2025-12-12 |
| CVE-2025-14169 | FunnelKit – Funnel Builder for WooCommerce Checkout <= 3.13.1.5 - Unauthenticated SQL Injection — FunnelKit – Funnel Builder for WooCommerce Checkout | 7.5 | High | 2025-12-12 |
| CVE-2025-14068 | WPNakama <= 0.6.3 - Unauthenticated SQL Injection via 'order_by' Parameter — WPNakama – Team and multi-Client Collaboration, Editorial and Project Management | 7.5 | High | 2025-12-12 |
| CVE-2025-62192 | Japan Total System multiple products SQL injection vulnerability — GroupSession Free edition | 8.1 (AI) | High (AI) | 2025-12-12 |
| CVE-2024-58309 | xbtitFM 4.1.18 Unauthenticated SQL Injection in shoutedit.php — xbtitFM | 9.8 (AI) | Critical (AI) | 2025-12-11 |
| CVE-2024-58308 | Quick.CMS 6.7 SQL Injection Authentication Bypass via Admin Login — Quick.CMS | 9.8 (AI) | Critical (AI) | 2025-12-11 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8862 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.