CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8873

8873 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-8930	code-projects Medical Store Management System Update Company UpdateCompany.java sql injection — Medical Store Management System	6.3	Medium	2025-08-14
CVE-2025-8929	code-projects Medical Store Management System MainPanel.java sql injection — Medical Store Management System	6.3	Medium	2025-08-13
CVE-2025-8928	code-projects Medical Store Management System Update Medicines UpdateMedicines.java sql injection — Medical Store Management System	6.3	Medium	2025-08-13
CVE-2025-8926	SourceCodester COVID 19 Testing Management System login.php sql injection — COVID 19 Testing Management System	7.3	High	2025-08-13
CVE-2025-8925	itsourcecode Sports Management System match.php sql injection — Sports Management System	7.3	High	2025-08-13
CVE-2025-8924	Campcodes Online Water Billing System viewbill.php sql injection — Online Water Billing System	7.3	High	2025-08-13
CVE-2025-8923	code-projects Job Diary edit-details.php sql injection — Job Diary	7.3	High	2025-08-13
CVE-2025-8922	code-projects Job Diary admin-inbox.php sql injection — Job Diary	7.3	High	2025-08-13
CVE-2025-8921	code-projects Job Diary user-apply.php sql injection — Job Diary	7.3	High	2025-08-13
CVE-2025-8908	Shanghai Lingdang Information Technology Lingdang CRM event.php sql injection — Lingdang CRM	6.3	Medium	2025-08-13
CVE-2025-8914	WellChoose｜Organization Portal System - SQL Injection — Organization Portal System	6.5	Medium	2025-08-13
CVE-2025-6184	Tutor LMS Pro – eLearning and online course solution <= 3.7.0 - Authenticated (Tutor Instructor+) SQL Injection — Tutor LMS Pro	8.8	High	2025-08-13
CVE-2025-55168	WeGIA SQL Injection via id_fichamedica at endpoint `GET /html/saude/aplicar_medicamento.php` — WeGIA	9.8^AI	Critical^AI	2025-08-12
CVE-2025-47954	Microsoft SQL Server Elevation of Privilege Vulnerability — Microsoft SQL Server 2022 (CU 20)	8.8	High	2025-08-12
CVE-2025-49759	Microsoft SQL Server Elevation of Privilege Vulnerability — Microsoft SQL Server 2016 Service Pack 3 (GDR)	8.8	High	2025-08-12
CVE-2025-53727	Microsoft SQL Server Elevation of Privilege Vulnerability — Microsoft SQL Server 2016 Service Pack 3 (GDR)	8.8	High	2025-08-12
CVE-2025-55167	WeGIA SQL Injection via id_fichamedica at endpoint `GET/html/funcionario/dependente_remover.php` — WeGIA	9.8^AI	Critical^AI	2025-08-12
CVE-2025-8296	Ivanti Avalanche SQL注入漏洞 — Avalanche	7.2	High	2025-08-12
CVE-2025-55156	PyLoad vulnerable to SQL Injection via API /json/add_package in add_links parameter — pyload	9.1^AI	Critical^AI	2025-08-11
CVE-2024-32640	MasaCMS SQL Injection vulnerability — MasaCMS	9.8	Critical	2025-08-11
CVE-2025-8811	code-projects Simple Art Gallery registration.php sql injection — Simple Art Gallery	7.3	High	2025-08-10
CVE-2025-8809	code-projects Online Medicine Guide addelidetails.php sql injection — Online Medicine Guide	7.3	High	2025-08-10
CVE-2025-8806	zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 treeData sql injection — ADP Application Developer Platform 应用开发者平台	6.3	Medium	2025-08-10
CVE-2025-8773	Dinstar Monitoring Platform 甘肃省危险品库监控平台 login_getPasswordErrorNum.action sql injection — Monitoring Platform 甘肃省危险品库监控平台	7.3	High	2025-08-09
CVE-2025-8744	CesiumLab Web lodmodels sql injection — Web	7.3	High	2025-08-08
CVE-2012-10047	Cyclope Employee Surveillance Solution v6.x SQL Injection — Cyclope Employee Surveillance Solution	9.8	-	2025-08-08
CVE-2025-8706	Wanzhou WOES Intelligent Optimization Energy Saving System Energy Overview Module CreateFunctionLog sql injection — WOES Intelligent Optimization Energy Saving System	6.3	Medium	2025-08-08
CVE-2025-8705	Wanzhou WOES Intelligent Optimization Energy Saving System Energy Overview Module GetTargetConfig sql injection — WOES Intelligent Optimization Energy Saving System	6.3	Medium	2025-08-08
CVE-2025-8704	Wanzhou WOES Intelligent Optimization Energy Saving System Analysis Conclusion Query Module GetAlarmResultProcessList sql injection — WOES Intelligent Optimization Energy Saving System	6.3	Medium	2025-08-08
CVE-2025-8703	Wanzhou WOES Intelligent Optimization Energy Saving System Environmental Real-Time Data Module GetAreaTrendChartData sql injection — WOES Intelligent Optimization Energy Saving System	6.3	Medium	2025-08-08

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8873 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8873