Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8862

8862 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-58307 CSZCMS 1.3.0 Authenticated SQL Injection via Members View Endpoint — CSZCMS 8.1AIHighAI2025-12-11
CVE-2024-58301 Purei CMS 1.0 SQL Injection via Multiple Vulnerable Endpoints — Purei CMS 9.1AICriticalAI2025-12-11
CVE-2024-58290 Xhibiter NFT Marketplace 1.10.2 SQL Injection via Collections Endpoint — Xhibiter NFT Marketplace 9.1AICriticalAI2025-12-11
CVE-2025-14537 code-projects Class and Exam Timetable Management preview7.php sql injection — Class and Exam Timetable Management 7.3 High2025-12-11
CVE-2025-14536 code-projects Class and Exam Timetable Management Login index.php sql injection — Class and Exam Timetable Management 7.3 High2025-12-11
CVE-2025-13214 IBM Aspera Orchestrator SQL Injection — Aspera Orchestrator 7.6 High2025-12-11
CVE-2025-14529 Campcodes Retro Basketball Shoes Online Store admin_running.php sql injection — Retro Basketball Shoes Online Store 7.3 High2025-12-11
CVE-2025-14527 projectworlds Advanced Library Management System view_book.php sql injection — Advanced Library Management System 7.3 High2025-12-11
CVE-2025-14515 Campcodes Supplier Management System add_unit.php sql injection — Supplier Management System 7.3 High2025-12-11
CVE-2025-14514 Campcodes Supplier Management System add_distributor.php sql injection — Supplier Management System 7.3 High2025-12-11
CVE-2025-10163 List Category Posts <= 0.91.0 - Authenticated (Contributor+) SQL Injection via Plugin's Shortcode — List category posts 6.5 Medium2025-12-11
CVE-2025-67644 LangGraph SQLite Checkpoint is vulnerable to SQL Injection via metadata filter key in checkpointer list method — langgraph 7.3 High2025-12-10
CVE-2025-65950 WBCE CMS is Vulnerable to Time-Based Blind SQL Injection through groups[] Parameter — WBCE_CMS 8.8AIHighAI2025-12-10
CVE-2025-67501 WeGIA is vulnerable to SQL Injection via editar_categoria endpoint parameter — WeGIA 8.8AIHighAI2025-12-09
CVE-2021-47708 COMMAX Smart Home IoT Control System SQL Injection Authentication Bypass — Smart Home IoT Control System 9.8AICriticalAI2025-12-09
CVE-2021-47704 OpenBMCS SQL Injection via obix_test.php — OpenBMCS 6.5AIMediumAI2025-12-09
CVE-2025-14337 itsourcecode Student Management System new_grade.php sql injection — Student Management System 7.3 High2025-12-09
CVE-2025-14336 itsourcecode Student Management System promote.php sql injection — Student Management System 7.3 High2025-12-09
CVE-2025-14335 itsourcecode Student Management System new_school_year.php sql injection — Student Management System 7.3 High2025-12-09
CVE-2025-14334 itsourcecode Student Management System new_adviser.php sql injection — Student Management System 7.3 High2025-12-09
CVE-2025-64156 Fortinet FortiVoice SQL注入漏洞 — FortiVoice 6.8 High2025-12-09
CVE-2025-62093 WordPress Image&Video FullScreen Background plugin <= 1.6.7 - SQL Injection vulnerability — Image&Video FullScreen Background 8.5 High2025-12-09
CVE-2025-10655 Frappe Helpdesk 1.14.0 — SQL Injection in dashboard get_dashboard_data — Frappe HelpDesk 8.8AIHighAI2025-12-09
CVE-2025-12504 SQLi in Talent Software's UNIS — UNIS 9.8 Critical2025-12-09
CVE-2025-67520 WordPress Media Library Tools plugin <= 1.6.15 - SQL Injection vulnerability — Media Library Tools 7.6 High2025-12-09
CVE-2025-67518 WordPress Accordion Slider PRO plugin <= 1.2 - SQL Injection vulnerability — Accordion Slider PRO 8.5 High2025-12-09
CVE-2025-67519 WordPress Ninja Tables plugin <= 5.2.3 - SQL Injection vulnerability — Ninja Tables 7.6 High2025-12-09
CVE-2025-67517 WordPress ArtPlacer Widget plugin <= 2.22.9.2 - SQL Injection vulnerability — ArtPlacer Widget 8.5 High2025-12-09
CVE-2025-67516 WordPress Store Locator WordPress plugin <= 1.6.2 - SQL Injection vulnerability — Store Locator WordPress 8.5 High2025-12-09
CVE-2025-12807 FactoryTalk® DataMosaix™ Private Cloud SQL Injection — FactoryTalk® DataMosaix™ Private Cloud 8.8AIHighAI2025-12-09

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8862 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.