CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
BaseStableLikelihood: High
Description
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7
CVEs mapped to this weakness (8,799)
page 12 of 440| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-3922 | Cri | 0.65 | 10.0 | 0.90 | Jun 13, 2024 | The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | |
| CVE-2024-3820 | Cri | 0.65 | 10.0 | 0.02 | Jun 1, 2024 | The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to SQL Injection via the 'id_key' parameter of the wdt_delete_table_row AJAX action in all versions up to, and including, 6.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Please note this only affects the premium version of the plugin. | |
| CVE-2024-0851 | Cri | 0.65 | — | 0.00 | May 27, 2024 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Grup Arge Energy and Control Systems Smartpower allows SQL Injection.This issue affects Smartpower: through V24.05.27. | |
| CVE-2024-0705 | Cri | 0.65 | 9.8 | 0.20 | Jan 19, 2024 | The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 3.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | |
| CVE-2023-25960 | Cri | 0.65 | 10.0 | 0.00 | Nov 3, 2023 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Zendrop Zendrop – Global Dropshipping zendrop-dropshipping-and-fulfillment allows SQL Injection.This issue affects Zendrop – Global Dropshipping: from n/a through 1.0.0. | |
| CVE-2017-16851 | Cri | 0.65 | 9.8 | 0.12 | Nov 16, 2017 | Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /MyPage.do widgetid parameter. | |
| CVE-2017-16850 | Cri | 0.65 | 9.8 | 0.12 | Nov 16, 2017 | Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /showresource.do resourceid parameter in a getResourceProfiles action. | |
| CVE-2017-16849 | Cri | 0.65 | 9.8 | 0.12 | Nov 16, 2017 | Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /MyPage.do?method=viewDashBoard forpage parameter. | |
| CVE-2017-16847 | Cri | 0.65 | 9.8 | 0.12 | Nov 16, 2017 | Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /showresource.do resourceid parameter in a showPlasmaView action. | |
| CVE-2017-16846 | Cri | 0.65 | 9.8 | 0.12 | Nov 16, 2017 | Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /manageApplications.do?method=AddSubGroup haid parameter. | |
| CVE-2017-14723 | Cri | 0.65 | 9.8 | 0.10 | Sep 23, 2017 | Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb->prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injection attacks. | |
| CVE-2017-1002023 | Cri | 0.65 | 9.8 | 0.10 | Sep 14, 2017 | Vulnerability in wordpress plugin Easy Team Manager v1.3.2, The code does not sanitize id before making it part of an SQL statement in file ./easy-team-manager/inc/easy_team_manager_desc_edit.php | |
| CVE-2017-1002022 | Cri | 0.65 | 9.8 | 0.11 | Sep 14, 2017 | Vulnerability in wordpress plugin surveys v1.01.8, The code in questions.php does not sanitize the survey variable before placing it inside of an SQL query. | |
| CVE-2017-1002021 | Cri | 0.65 | 9.8 | 0.11 | Sep 14, 2017 | Vulnerability in wordpress plugin surveys v1.01.8, The code in individual_responses.php does not sanitize the survey_id variable before placing it inside of an SQL query. | |
| CVE-2017-1002020 | Cri | 0.65 | 9.8 | 0.11 | Sep 14, 2017 | Vulnerability in wordpress plugin surveys v1.01.8, The code in survey_form.php does not sanitize the action variable before placing it inside of an SQL query. | |
| CVE-2017-1002012 | Cri | 0.65 | 9.8 | 0.10 | Sep 14, 2017 | Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, In image-gallery-with-slideshow/admin_setting.php the following snippet of code does not sanitize input via the gid variable before passing it into an SQL statement. | |
| CVE-2017-3549 | Cri | 0.65 | 9.1 | 0.31 | Apr 24, 2017 | Vulnerability in the Oracle Scripting component of Oracle E-Business Suite (subcomponent: Scripting Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Scripting accessible data as well as unauthorized access to critical data or complete access to all Oracle Scripting accessible data. CVSS 3.0 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). | |
| CVE-2015-8974 | Cri | 0.65 | 10.0 | 0.04 | Jan 31, 2017 | SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |
| CVE-2017-5611 | Cri | 0.65 | 9.8 | 0.12 | Jan 30, 2017 | SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name. | |
| CVE-2016-1000217 | Cri | 0.65 | 9.8 | 0.11 | Oct 6, 2016 | Zotpress plugin for WordPress SQLi in zp_get_account() |