Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8863

8863 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-34246 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxPrevalidationController.ajaxAction() — WebAccess/VPN 6.5 -2025-11-06
CVE-2025-34245 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxStandaloneVpnClientsController.ajaxAction() — WebAccess/VPN 6.5 -2025-11-06
CVE-2025-34244 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxFwRulesController.ajaxDeviceFwRulesAction() — WebAccess/VPN 6.5 -2025-11-06
CVE-2025-34243 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxFwRulesController.ajaxNetworkFwRulesAction() — WebAccess/VPN 6.5 -2025-11-06
CVE-2025-34242 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxNetworkController.ajaxAction() — WebAccess/VPN 6.5 -2025-11-06
CVE-2025-34241 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxDeviceController.ajaxDeviceAction() — WebAccess/VPN 6.5 -2025-11-06
CVE-2025-34240 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AppManagementController.appUpgradeAction() — WebAccess/VPN 6.5 -2025-11-06
CVE-2025-60239 WordPress CoSchool LMS plugin <= 1.4.3 - SQL Injection vulnerability — CoSchool LMS 8.5 High2025-11-06
CVE-2025-52773 WordPress HieCOR Payment Gateway plugin plugin <= 1.5.11 - SQL Injection vulnerability — HieCOR Payment Gateway Plugin 9.3 Critical2025-11-06
CVE-2025-48089 WordPress Education WordPress Theme | HiStudy theme < 3.1.0 - SQL Injection vulnerability — Education WordPress Theme | HiStudy 9.3 Critical2025-11-06
CVE-2025-28953 WordPress smart SEO plugin <= 4.0 - SQL Injection Vulnerability — smart SEO 8.5 High2025-11-06
CVE-2025-10683 Easy Email Subscription <= 1.3 - Authenticated (Admin+) SQL Injection via uid — Easy Email Subscription 4.9 Medium2025-11-06
CVE-2025-64114 ClipBucket v5: SQL Injection possible through ClipBucket Custom Fields plugin — clipbucket-v5 6.5 Medium2025-11-05
CVE-2025-64459 Potential SQL injection via _connector keyword argument in QuerySet and Q objects — Django 9.8 -2025-11-05
CVE-2025-12197 The Events Calendar 6.15.1.1 - 6.15.9 - Unauthenticated SQL Injection via s — The Events Calendar 7.5 High2025-11-05
CVE-2025-32786 GLPI Inventory Plugin is Vulnerable to Unauthenticated SQL Injection — glpi-inventory-plugin 7.5 High2025-11-04
CVE-2025-12463 Unauthenticated SQL Injection in Guetebruck G-Cam Series Cameras — G-Cam 9.8 Critical2025-11-03
CVE-2025-12503 Digiwin|EasyFlow .NET and EasyFlow AiNet — EasyFlow .NET 6.5 Medium2025-11-03
CVE-2025-12617 itsourcecode Billing System login_crud.php sql injection — Billing System 7.3 High2025-11-03
CVE-2025-12614 SourceCodester Best House Rental Management System admin_class.php delete_payment sql injection — Best House Rental Management System 4.7 Medium2025-11-03
CVE-2025-12612 Campcodes School Fees Payment Management System ajax.php sql injection — School Fees Payment Management System 6.3 Medium2025-11-03
CVE-2025-12610 CodeAstro Gym Management System view-progress-report.php sql injection — Gym Management System 4.7 Medium2025-11-03
CVE-2025-12609 CodeAstro Gym Management System update-progress.php sql injection — Gym Management System 4.7 Medium2025-11-03
CVE-2025-12608 itsourcecode Online Loan Management System manage_user.php sql injection — Online Loan Management System 7.3 High2025-11-03
CVE-2025-12607 itsourcecode Online Loan Management System manage_payment.php sql injection — Online Loan Management System 7.3 High2025-11-03
CVE-2025-12606 itsourcecode Online Loan Management System manage_borrower.php sql injection — Online Loan Management System 7.3 High2025-11-02
CVE-2025-12605 itsourcecode Online Loan Management System manage_loan.php sql injection — Online Loan Management System 7.3 High2025-11-02
CVE-2025-12604 itsourcecode Online Loan Management System load_fields.php sql injection — Online Loan Management System 7.3 High2025-11-02
CVE-2025-12598 SourceCodester Best House Rental Management System admin_class.php save_tenant sql injection — Best House Rental Management System 4.7 Medium2025-11-02
CVE-2025-12597 SourceCodester Best House Rental Management System admin_class.php save_category sql injection — Best House Rental Management System 4.7 Medium2025-11-02

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8863 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.