Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8872

8872 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-9502 Campcodes Online Loan Management System ajax.php sql injection — Online Loan Management System 7.3 High2025-08-27
CVE-2025-9492 Campcodes Online Water Billing System addclient1.php sql injection — Online Water Billing System 7.3 High2025-08-26
CVE-2025-9473 SourceCodester Online Bank Management System feedback.php sql injection — Online Bank Management System 7.3 High2025-08-26
CVE-2025-9472 itsourcecode Apartment Management System add_owner_utility.php sql injection — Apartment Management System 7.3 High2025-08-26
CVE-2025-9471 itsourcecode Apartment Management System add_maintenance_cost.php sql injection — Apartment Management System 7.3 High2025-08-26
CVE-2025-9470 itsourcecode Apartment Management System add_m_committee.php sql injection — Apartment Management System 7.3 High2025-08-26
CVE-2025-9469 itsourcecode Apartment Management System add_fund.php sql injection — Apartment Management System 7.3 High2025-08-26
CVE-2025-9468 itsourcecode Apartment Management System add_bill.php sql injection — Apartment Management System 7.3 High2025-08-26
CVE-2025-9172 Vibes <= 2.2.0 - Unauthenticated SQL Injection via `resource` Parameter — Vibes 7.5 High2025-08-26
CVE-2025-9444 1000projects Online Project Report Submission and Evaluation System delete_group_student.php sql injection — Online Project Report Submission and Evaluation System 7.3 High2025-08-26
CVE-2025-9426 itsourcecode Online Tour and Travel Management System package.php sql injection — Online Tour and Travel Management System 7.3 High2025-08-25
CVE-2025-9425 itsourcecode Online Tour and Travel Management System enquiry.php sql injection — Online Tour and Travel Management System 7.3 High2025-08-25
CVE-2025-9423 Campcodes Online Water Billing System editecex.php sql injection — Online Water Billing System 7.3 High2025-08-25
CVE-2025-9421 itsourcecode Apartment Management System addcomplain.php sql injection — Apartment Management System 7.3 High2025-08-25
CVE-2025-9420 itsourcecode Apartment Management System addfloor.php sql injection — Apartment Management System 7.3 High2025-08-25
CVE-2025-9419 itsourcecode Apartment Management System addunit.php sql injection — Apartment Management System 7.3 High2025-08-25
CVE-2025-9418 itsourcecode Apartment Management System addowner.php sql injection — Apartment Management System 7.3 High2025-08-25
CVE-2025-9417 itsourcecode Apartment Management System addemployee.php sql injection — Apartment Management System 6.3 Medium2025-08-25
CVE-2025-9413 lostvip-com ruoyi-go system_router.go SelectListByPage sql injection — ruoyi-go 6.3 Medium2025-08-25
CVE-2025-9412 lostvip-com ruoyi-go DictDataDao.go SelectListByPage sql injection — ruoyi-go 6.3 Medium2025-08-25
CVE-2025-9411 lostvip-com ruoyi-go LoginInforService.go SelectPageList sql injection — ruoyi-go 6.3 Medium2025-08-25
CVE-2025-9410 lostvip-com ruoyi-go GenTableDao.go SelectListByPage sql injection — ruoyi-go 6.3 Medium2025-08-25
CVE-2025-9399 YiFang CMS L_tool.php sql injection — CMS 6.3 Medium2025-08-25
CVE-2025-9391 Bjskzy Zhiyou ERP com.artery.workflow.ServiceImpl getFieldValue sql injection — Zhiyou ERP 6.3 Medium2025-08-24
CVE-2025-6791 Second order SQL injection available to user with low privilege — web 8.8 High2025-08-22
CVE-2025-4650 User with high privileges is able to introduce a SQLi using the Meta Service indicator page — web 7.2 High2025-08-22
CVE-2025-9255 Uniong|WebITR - SQL Injection — WebITR 7.5 High2025-08-22
CVE-2025-9311 itsourcecode Apartment Management System addfair.php sql injection — Apartment Management System 7.3 High2025-08-21
CVE-2025-57761 WeGIA SQL Injection vulnerability via 'id_funcionario' param at endpoint `/html/funcionario/dependente_remover.php` — WeGIA 9.8AICriticalAI2025-08-21
CVE-2025-9307 PHPGurukul Online Course Registration session.php sql injection — Online Course Registration 7.3 High2025-08-21

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8872 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.