CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8863

8863 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-62422	DataEase SQL injection vulnerability — dataease	9.8^AI	Critical^AI	2025-10-17
CVE-2025-11904	yanyutao0402 ChanCMS hasUse sql injection — ChanCMS	6.3	Medium	2025-10-17
CVE-2025-11903	yanyutao0402 ChanCMS update sql injection — ChanCMS	6.3	Medium	2025-10-17
CVE-2025-11902	yanyutao0402 ChanCMS findField sql injection — ChanCMS	6.3	Medium	2025-10-17
CVE-2025-62423	ClipBucket V5 Blind SQL injection in the Admin Panel — clipbucket-v5	6.7	Medium	2025-10-16
CVE-2025-41019	SQL injection vulnerability in Sergestec's Exito — SISTICK	9.8^AI	Critical^AI	2025-10-16
CVE-2025-41018	SQL injection vulnerability in Sergestec's Exito — Exito	9.8^AI	Critical^AI	2025-10-16
CVE-2025-10682	TARIFFUXX <= 1.4 - Authenticated (Contributor+) SQL Injection via tariffuxx_configurator Shortcode — TARIFFUXX	6.5	Medium	2025-10-15
CVE-2025-11365	WP Google Map Plugin <= 1.0 - Authenticated (Contributor+) SQL Injection — WP Google Map Plugin	6.5	Medium	2025-10-15
CVE-2025-10743	Outdoor <= 1.3.2 - Unauthenticated SQL Injection — Outdoor	7.5	High	2025-10-15
CVE-2025-11177	External Login <= 1.11.2 - Unauthenticated SQL Injection via log — External Login	7.5	High	2025-10-15
CVE-2025-10575	WP jQuery Pager <= 1.4.0 - Authenticated (Contributor+) SQL Injection via Shortcode — WP jQuery Pager	6.5	Medium	2025-10-15
CVE-2025-10730	Wp tabber widget <= 4.0 - Authenticated (Contributor+) SQL Injection — Wp tabber widget	6.5	Medium	2025-10-15
CVE-2025-10045	onOffice for WP-Websites <= 6.5.1 - Authenticated (Editor+) SQL Injection — onOffice for WP-Websites	4.9	Medium	2025-10-15
CVE-2025-10310	Rich Snippet Site Report <= 2.0.0105 - Authenticated (Admin+) SQL Injection — Rich Snippet Site Report	4.9	Medium	2025-10-15
CVE-2025-10660	WP Dashboard Chat <= 1.0.3 - Authenticated (Contributor+) SQL Injection via id — WP Dashboard Chat	6.5	Medium	2025-10-15
CVE-2025-11501	Dynamically Display Posts <= 1.1 - Unauthenticated SQL Injection — Dynamically Display Posts	7.5	High	2025-10-15
CVE-2025-61675	FreePBX Endpoint Manager vulnerable to authenticated SQL injection in multiple configuration parameters — endpoint	8.1^AI	High^AI	2025-10-14
CVE-2025-11736	itsourcecode Online Examination System index.php sql injection — Online Examination System	7.3	High	2025-10-14
CVE-2025-59213	Configuration Manager Elevation of Privilege Vulnerability — Microsoft Configuration Manager	8.8	High	2025-10-14
CVE-2025-55320	Configuration Manager Elevation of Privilege Vulnerability — Microsoft Configuration Manager	6.8	Medium	2025-10-14
CVE-2025-10610	SQLi in SFS Winsure — Winsure	9.8	Critical	2025-10-14
CVE-2025-40755	Siemens SINEC NMS SQL注入漏洞 — SINEC NMS	8.8	High	2025-10-14
CVE-2025-62360	WeGIA SQL Injection via 'id_dependente' param at endpoint `/html/funcionario/dependente_documento.php` — WeGIA	8.8^AI	High^AI	2025-10-13
CVE-2025-62179	WeGIA SQL Injection via 'cpf' param at endpoint `/html/funcionario/cadastro_funcionario_pessoa_existente.php` — WeGIA	8.8^AI	High^AI	2025-10-13
CVE-2025-62384	Ivanti Endpoint Manager（EPM） SQL注入漏洞 — Endpoint Manager	6.5	Medium	2025-10-13
CVE-2025-62386	Ivanti Endpoint Manager（EPM） SQL注入漏洞 — Endpoint Manager	6.5	Medium	2025-10-13
CVE-2025-62383	Ivanti Endpoint Manager SQL注入漏洞 — Endpoint Manager	6.5	Medium	2025-10-13
CVE-2025-62391	Ivanti Endpoint Manager（EPM） SQL注入漏洞 — Endpoint Manager	6.5	Medium	2025-10-13
CVE-2025-62385	Ivanti Endpoint Manager SQL注入漏洞 — Endpoint Manager	6.5	Medium	2025-10-13

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8863 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8863