CWE-89 SQL命令中使用的特殊元素转义处理不恰当(SQL注入) 类漏洞列表 9431

CWE-89 SQL命令中使用的特殊元素转义处理不恰当(SQL注入) 类弱点 9431 条 CVE 漏洞汇总，含 AI 中文分析。

CWE-89即SQL注入，属于输入验证类漏洞。当软件未对用户输入进行充分净化或转义，直接将其拼接到SQL命令中时，攻击者可注入恶意SQL代码，从而篡改查询逻辑、绕过身份验证或窃取敏感数据。开发者应避免直接拼接字符串，转而使用参数化查询或预编译语句，确保用户输入仅被视为数据而非可执行代码，从而从根本上阻断注入路径。

MITRE CWE 官方描述

CWE：CWE-89 SQL 命令中特殊元素的不当中和（SQL 注入）英文：产品使用来自上游组件的外部影响输入来构建 SQL 命令的全部或部分，但未对可能在将命令发送给下游组件时修改预期 SQL 命令的特殊元素进行中和或进行了不正确的中和。如果未在用户可控制的输入中充分移除或引用 SQL 语法，生成的 SQL 查询可能导致这些输入被解释为 SQL 而非普通用户数据。

常见影响 (5)

Confidentiality, Integrity, AvailabilityExecute Unauthorized Code or Commands

Adversaries could execute system commands, typically by changing the SQL statement to redirect output to a file that can then be executed.

ConfidentialityRead Application Data

Since SQL databases generally hold sensitive data, loss of confidentiality is a frequent problem with SQL injection vulnerabilities.

AuthenticationGain Privileges or Assume Identity, Bypass Protection Mechanism

If poor SQL commands are used to check user names and passwords or perform other kinds of authentication, it may be possible to connect to the product as another user with no previous knowledge of the password.

Access ControlBypass Protection Mechanism

If authorization information is held in a SQL database, it may be possible to change this information through the successful exploitation of a SQL injection vulnerability.

IntegrityModify Application Data

Just as it may be possible to read sensitive information, it is also possible to modify or even delete this information with a SQL injection attack.

缓解措施 (5)

Architecture and DesignUse a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid [REF-1482]. For example, consider using persistence layers such as Hibernate or Enterprise Java Beans, which can provide significant protection against SQL injection if used properly.

Architecture and DesignIf available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated. Process SQL queries using prepared statements, parameterized queries, or stored procedur…

Architecture and Design, OperationRun your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database ad…

Architecture and DesignFor any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.

ImplementationWhile it is risky to use dynamically-generated query strings, code, or commands that mix control and data together, sometimes it may be unavoidable. Properly quote arguments and escape any special characters within those arguments. The most conservative approach is to escape or filter all characters that do not pass an extremely strict allowlist (such as everything that is not alphanumeric or whit…

代码示例 (2)

In 2008, a large number of web servers were compromised using the same SQL injection attack string. This single string worked against many different programs. The SQL injection was then used to modify the web sites to serve malicious code.

The following code dynamically constructs and executes a SQL query that searches for items matching a specified name. The query restricts the items displayed to those where owner matches the user name of the currently-authenticated user.

... string userName = ctx.getAuthenticatedUserName(); string query = "SELECT * FROM items WHERE owner = '" + userName + "' AND itemname = '" + ItemName.Text + "'"; sda = new SqlDataAdapter(query, conn); DataTable dt = new DataTable(); sda.Fill(dt); ...

Bad · C#

SELECT * FROM items WHERE owner = <userName> AND itemname = <itemName>;

Informative

CVE ID	标题	CVSS	风险等级	Published
CVE-2025-55168	WeGIA SQL注入漏洞 — WeGIA	9.8^AI	Critical^AI	2025-08-12
CVE-2025-47954	Microsoft SQL Server SQL注入漏洞 — Microsoft SQL Server 2022 (CU 20)	8.8	High	2025-08-12
CVE-2025-49759	Microsoft SQL Server SQL注入漏洞 — Microsoft SQL Server 2016 Service Pack 3 (GDR)	8.8	High	2025-08-12
CVE-2025-53727	Microsoft SQL Server SQL注入漏洞 — Microsoft SQL Server 2016 Service Pack 3 (GDR)	8.8	High	2025-08-12
CVE-2025-55167	WeGIA SQL注入漏洞 — WeGIA	9.8^AI	Critical^AI	2025-08-12
CVE-2025-8296	Ivanti Avalanche SQL注入漏洞 — Avalanche	7.2	High	2025-08-12
CVE-2025-55156	pyLoad SQL注入漏洞 — pyload	9.1^AI	Critical^AI	2025-08-11
CVE-2024-32640	Masa CMS SQL注入漏洞 — MasaCMS	9.8	Critical	2025-08-11
CVE-2025-8811	Code-Projects Simple Art Gallery 注入漏洞 — Simple Art Gallery	7.3	High	2025-08-10
CVE-2025-8809	Code-Projects Online Medicine Guide 注入漏洞 — Online Medicine Guide	7.3	High	2025-08-10
CVE-2025-8806	Zhilink ADP Application Developer Platform 注入漏洞 — ADP Application Developer Platform 应用开发者平台	6.3	Medium	2025-08-10
CVE-2025-8773	Dinstar Monitoring Platform 注入漏洞 — Monitoring Platform 甘肃省危险品库监控平台	7.3	High	2025-08-09
CVE-2025-8744	CesiumLab Web 注入漏洞 — Web	7.3	High	2025-08-08
CVE-2012-10047	Cyclope Employee Surveillance Solution 安全漏洞 — Cyclope Employee Surveillance Solution	9.8	-	2025-08-08
CVE-2025-8706	Wanzhou WOES Intelligent Optimization Energy Saving System 安全漏洞 — WOES Intelligent Optimization Energy Saving System	6.3	Medium	2025-08-08
CVE-2025-8705	Wanzhou WOES Intelligent Optimization Energy Saving System 注入漏洞 — WOES Intelligent Optimization Energy Saving System	6.3	Medium	2025-08-08
CVE-2025-8704	Wanzhou WOES Intelligent Optimization Energy Saving System 注入漏洞 — WOES Intelligent Optimization Energy Saving System	6.3	Medium	2025-08-08
CVE-2025-8703	Wanzhou WOES Intelligent Optimization Energy Saving System 注入漏洞 — WOES Intelligent Optimization Energy Saving System	6.3	Medium	2025-08-08
CVE-2025-8702	Wanzhou WOES Intelligent Optimization Energy Saving System 注入漏洞 — WOES Intelligent Optimization Energy Saving System	6.3	Medium	2025-08-07
CVE-2025-8701	Wanzhou WOES Intelligent Optimization Energy Saving System 注入漏洞 — WOES Intelligent Optimization Energy Saving System	6.3	Medium	2025-08-07
CVE-2025-54788	SuiteCRM SQL注入漏洞 — SuiteCRM	8.8	High	2025-08-06
CVE-2025-6986	WordPress plugin FileBird SQL注入漏洞 — FileBird – WordPress Media Library Folders & File Manager	6.5	Medium	2025-08-06
CVE-2025-7036	WordPress plugin CleverReach 注入漏洞 — CleverReach® WP	7.5	High	2025-08-06
CVE-2025-54119	ADOdb SQL注入漏洞 — ADOdb	10.0	Critical	2025-08-05
CVE-2025-54865	Tilesheets MediaWiki Extension SQL注入漏洞 — Tilesheets	7.3	High	2025-08-05
CVE-2025-8503	Code-Projects Online Medicine Guide 注入漏洞 — Online Medicine Guide	7.3	High	2025-08-03
CVE-2025-8502	Code-Projects Online Medicine Guide 注入漏洞 — Online Medicine Guide	7.3	High	2025-08-03
CVE-2025-8500	Code-Projects Human Resource Integrated System 注入漏洞 — Human Resource Integrated System	6.3	Medium	2025-08-03
CVE-2025-8499	Code-Projects Online Medicine Guide 注入漏洞 — Online Medicine Guide	7.3	High	2025-08-03
CVE-2025-8498	Code-Projects Online Medicine Guide 注入漏洞 — Online Medicine Guide	7.3	High	2025-08-03

CWE-89（SQL命令中使用的特殊元素转义处理不恰当(SQL注入)）是常见的弱点类别，本平台收录该类弱点关联的 9431 条 CVE 漏洞。

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

CWE-89 SQL命令中使用的特殊元素转义处理不恰当(SQL注入) 类漏洞列表 9431

目标达成感谢每一位支持者 — 我们达成了 100% 目标！