CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Description
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7
CVEs mapped to this weakness (10,236)
page 109 of 512| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-25348 | Hig | 0.53 | 8.2 | 0.00 | May 23, 2026 | Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the user_detail view with malicious cid values… | ||
| CVE-2018-25342 | Hig | 0.53 | 8.2 | 0.00 | May 23, 2026 | Smartshop 1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'searched' parameter in search.php. Attackers can send GET requests with malicious SQL payloads like SLEEP… | ||
| CVE-2018-25341 | Hig | 0.53 | 8.2 | 0.00 | May 23, 2026 | Smartshop 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to product.php with union-based SQL injection payloads in the id… | ||
| CVE-2018-25340 | Hig | 0.53 | 8.2 | 0.00 | May 23, 2026 | Smartshop 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to category.php with UNION-based SQL injection payloads in the id… | ||
| CVE-2026-8827 | — | Hig | 0.53 | — | 0.00 | May 19, 2026 | The AddressRepository::getSqlQuery() method constructs a database query without properly sanitizing user input, leading to SQL Injection. The method is not invoked anywhere within the extension itself and therefore poses no direct risk in a default installation. However, custom… | |
| CVE-2026-8851 | Hig | 0.53 | 8.1 | 0.00 | May 18, 2026 | SOGo versions 5.12.7 and prior contains a SQL injection vulnerability in the Access Control List management functionality that allows authenticated users to extract arbitrary data from the database by injecting SQL subqueries through the uid parameter of the addUserInAcls… | ||
| CVE-2018-25339 | Hig | 0.53 | 8.2 | 0.00 | May 17, 2026 | Zechat 1.5 contains a SQL injection vulnerability in the v parameter that allows unauthenticated attackers to extract database information using time-based blind techniques. Attackers can exploit the v parameter with sleep-based blind injection to confirm vulnerability and… | ||
| CVE-2018-25338 | Hig | 0.53 | 8.2 | 0.00 | May 17, 2026 | Zechat 1.5 contains a SQL injection vulnerability in the hashtag parameter that allows unauthenticated attackers to extract database information using union-based techniques. Attackers can exploit the hashtag parameter with union-based payloads to retrieve table and column names. | ||
| CVE-2018-25333 | Hig | 0.53 | 8.2 | 0.00 | May 17, 2026 | Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the login parameter in login.php. Attackers can submit crafted POST requests with… | ||
| CVE-2018-25330 | Hig | 0.53 | 8.2 | 0.00 | May 17, 2026 | Joomla! extension EkRishta 2.10 contains persistent cross-site scripting and SQL injection vulnerabilities that allow attackers to inject malicious code through profile fields and POST parameters. Attackers can inject script payloads in profile information fields like Address… | ||
| CVE-2021-47956 | Hig | 0.53 | 8.2 | 0.00 | May 16, 2026 | EgavilanMedia PHPCRUD 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the firstname parameter. Attackers can send POST requests to insert.php with malicious firstname values to extract… | ||
| CVE-2021-47954 | Hig | 0.53 | 8.2 | 0.00 | May 16, 2026 | LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the search_query parameter. Attackers can send POST requests to /search.php with malicious search_query values using CASE WHEN… | ||
| CVE-2020-37244 | Hig | 0.53 | 8.2 | 0.00 | May 16, 2026 | Supsystic Membership 1.4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'search' and 'sidx' parameters. Attackers can send GET requests to the badges module with crafted… | ||
| CVE-2020-37243 | Hig | 0.53 | 8.2 | 0.00 | May 16, 2026 | Supsystic Pricing Table 1.8.7 contains an SQL injection vulnerability in the 'sidx' GET parameter that allows unauthenticated attackers to execute arbitrary SQL queries through the getListForTbl action. The plugin also contains stored cross-site scripting vulnerabilities in the… | ||
| CVE-2020-37242 | Hig | 0.53 | 8.2 | 0.00 | May 16, 2026 | Supsystic Ultimate Maps 1.1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'sidx' GET parameter. Attackers can send crafted requests to the getListForTbl action with… | ||
| CVE-2021-47966 | Hig | 0.53 | 8.2 | 0.00 | May 15, 2026 | PHP Timeclock 1.04 contains time-based and boolean-based blind SQL injection vulnerabilities in the login_userid parameter of login.php that allows unauthenticated attackers to extract database contents. Attackers can submit crafted POST requests with SQL payloads using SLEEP… | ||
| CVE-2026-29206 | — | Hig | 0.53 | 8.1 | 0.00 | May 13, 2026 | Insufficient sanitization of SQL queries in the `sqloptimizer` utility script allows SQL Injections on behalf of the root user if Slow Query logging is enabled. | |
| CVE-2020-37218 | Hig | 0.53 | 8.2 | 0.00 | May 13, 2026 | Joomla com_hdwplayer 4.2 contains an SQL injection vulnerability in the search.php file that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the hdwplayersearch parameter. Attackers can submit POST requests with crafted SQL… | ||
| CVE-2021-47941 | Hig | 0.53 | 8.2 | 0.00 | May 10, 2026 | WordPress Plugin Survey & Poll 1.5.7.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wp_sap cookie parameter. Attackers can craft SQL payloads in the cookie to extract… | ||
| CVE-2021-47930 | Hig | 0.53 | 8.2 | 0.00 | May 10, 2026 | Balbooa Joomla Forms Builder 2.0.6 contains an unauthenticated SQL injection vulnerability in the form submission handler that allows remote attackers to execute arbitrary SQL queries. Attackers can send POST requests to the com_baforms component with malicious JSON payloads in… |
- risk 0.53cvss 8.2epss 0.00
Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the user_detail view with malicious cid values…
- risk 0.53cvss 8.2epss 0.00
Smartshop 1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'searched' parameter in search.php. Attackers can send GET requests with malicious SQL payloads like SLEEP…
- risk 0.53cvss 8.2epss 0.00
Smartshop 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to product.php with union-based SQL injection payloads in the id…
- risk 0.53cvss 8.2epss 0.00
Smartshop 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to category.php with UNION-based SQL injection payloads in the id…
- risk 0.53cvss —epss 0.00
The AddressRepository::getSqlQuery() method constructs a database query without properly sanitizing user input, leading to SQL Injection. The method is not invoked anywhere within the extension itself and therefore poses no direct risk in a default installation. However, custom…
- risk 0.53cvss 8.1epss 0.00
SOGo versions 5.12.7 and prior contains a SQL injection vulnerability in the Access Control List management functionality that allows authenticated users to extract arbitrary data from the database by injecting SQL subqueries through the uid parameter of the addUserInAcls…
- risk 0.53cvss 8.2epss 0.00
Zechat 1.5 contains a SQL injection vulnerability in the v parameter that allows unauthenticated attackers to extract database information using time-based blind techniques. Attackers can exploit the v parameter with sleep-based blind injection to confirm vulnerability and…
- risk 0.53cvss 8.2epss 0.00
Zechat 1.5 contains a SQL injection vulnerability in the hashtag parameter that allows unauthenticated attackers to extract database information using union-based techniques. Attackers can exploit the hashtag parameter with union-based payloads to retrieve table and column names.
- risk 0.53cvss 8.2epss 0.00
Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the login parameter in login.php. Attackers can submit crafted POST requests with…
- risk 0.53cvss 8.2epss 0.00
Joomla! extension EkRishta 2.10 contains persistent cross-site scripting and SQL injection vulnerabilities that allow attackers to inject malicious code through profile fields and POST parameters. Attackers can inject script payloads in profile information fields like Address…
- risk 0.53cvss 8.2epss 0.00
EgavilanMedia PHPCRUD 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the firstname parameter. Attackers can send POST requests to insert.php with malicious firstname values to extract…
- risk 0.53cvss 8.2epss 0.00
LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the search_query parameter. Attackers can send POST requests to /search.php with malicious search_query values using CASE WHEN…
- risk 0.53cvss 8.2epss 0.00
Supsystic Membership 1.4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'search' and 'sidx' parameters. Attackers can send GET requests to the badges module with crafted…
- risk 0.53cvss 8.2epss 0.00
Supsystic Pricing Table 1.8.7 contains an SQL injection vulnerability in the 'sidx' GET parameter that allows unauthenticated attackers to execute arbitrary SQL queries through the getListForTbl action. The plugin also contains stored cross-site scripting vulnerabilities in the…
- risk 0.53cvss 8.2epss 0.00
Supsystic Ultimate Maps 1.1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'sidx' GET parameter. Attackers can send crafted requests to the getListForTbl action with…
- risk 0.53cvss 8.2epss 0.00
PHP Timeclock 1.04 contains time-based and boolean-based blind SQL injection vulnerabilities in the login_userid parameter of login.php that allows unauthenticated attackers to extract database contents. Attackers can submit crafted POST requests with SQL payloads using SLEEP…
- risk 0.53cvss 8.1epss 0.00
Insufficient sanitization of SQL queries in the `sqloptimizer` utility script allows SQL Injections on behalf of the root user if Slow Query logging is enabled.
- risk 0.53cvss 8.2epss 0.00
Joomla com_hdwplayer 4.2 contains an SQL injection vulnerability in the search.php file that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the hdwplayersearch parameter. Attackers can submit POST requests with crafted SQL…
- risk 0.53cvss 8.2epss 0.00
WordPress Plugin Survey & Poll 1.5.7.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wp_sap cookie parameter. Attackers can craft SQL payloads in the cookie to extract…
- risk 0.53cvss 8.2epss 0.00
Balbooa Joomla Forms Builder 2.0.6 contains an unauthenticated SQL injection vulnerability in the form submission handler that allows remote attackers to execute arbitrary SQL queries. Attackers can send POST requests to the com_baforms component with malicious JSON payloads in…