CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Description
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7
CVEs mapped to this weakness (10,236)
page 125 of 512| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-8134 | Hig | 0.50 | 8.8 | 0.01 | Nov 6, 2019 | A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. A user with marketing privileges can execute arbitrary SQL queries in the database when accessing email template variables. | ||
| CVE-2019-8130 | Hig | 0.50 | 8.8 | 0.01 | Nov 6, 2019 | A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. A user with store manipulation privileges can execute arbitrary SQL queries by getting access to the database connection through group instance in email templates. | ||
| CVE-2019-8127 | Hig | 0.50 | 8.8 | 0.01 | Nov 5, 2019 | A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to an account with Newsletter Template editing permission could exfiltrate the Admin login data, and reset their password,… | ||
| CVE-2018-20678 | Hig | 0.50 | 8.8 | 0.01 | Mar 28, 2019 | LibreNMS through 1.47 allows SQL injection via the html/ajax_table.php sort[hostname] parameter, exploitable by authenticated users during a search. | ||
| CVE-2018-20713 | Hig | 0.50 | 8.8 | 0.01 | Jan 15, 2019 | Shopware before 5.4.3 allows SQL Injection by remote authenticated users, aka SW-21404. | ||
| CVE-2018-19998 | Hig | 0.50 | 8.8 | 0.02 | Jan 3, 2019 | SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the employee parameter. | ||
| CVE-2018-19994 | Hig | 0.50 | 8.8 | 0.02 | Jan 3, 2019 | An error-based SQL injection vulnerability in product/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the desiredstock parameter. | ||
| CVE-2018-15144 | Hig | 0.50 | 8.8 | 0.02 | Aug 13, 2018 | SQL injection vulnerability in interface/de_identification_forms/find_drug_popup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the search_term parameter. | ||
| CVE-2018-12912 | Hig | 0.50 | 7.2 | 0.03 | Jun 27, 2018 | An issue wan discovered in admin\controllers\database.php in HongCMS 3.0.0. There is a SQL Injection vulnerability via an admin/index.php/database/operate?dbaction=emptytable&tablename= URI. | ||
| CVE-2018-10738 | Hig | 0.50 | 7.2 | 0.43 | May 16, 2018 | A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/menuaccess.php chbKey1 parameter. | ||
| CVE-2018-10737 | Hig | 0.50 | 7.2 | 0.43 | May 16, 2018 | A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/logbook.php txtSearch parameter. | ||
| CVE-2018-10736 | Hig | 0.50 | 7.2 | 0.43 | May 16, 2018 | A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/info.php key1 parameter. | ||
| CVE-2018-10735 | Hig | 0.50 | 7.2 | 0.43 | May 16, 2018 | A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/commandline.php cname parameter. | ||
| CVE-2015-7714 | Hig | 0.50 | 7.2 | 0.02 | Oct 18, 2017 | Multiple SQL injection vulnerabilities in the Realtyna RPL (com_rpl) component before 8.9.5 for Joomla! allow remote administrators to execute arbitrary SQL commands via the (1) id, (2) copy_field in a data_copy action, (3) pshow in an update_field action, (4) css, (5) tip, (6)… | ||
| CVE-2017-8377 | Hig | 0.50 | 8.8 | 0.01 | May 1, 2017 | GeniXCMS 1.0.2 has SQL Injection in inc/lib/Control/Backend/menus.control.php via the menuid parameter. | ||
| CVE-2017-6088 | Hig | 0.50 | 7.2 | 0.06 | Apr 11, 2017 | Multiple SQL injection vulnerabilities in EyesOfNetwork (aka EON) 5.0 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) bp_name, (2) display, (3) search, or (4) equipment parameter to module/monitoring_ged/ged_functions.php or the (5)… | ||
| CVE-2017-6098 | Hig | 0.50 | 7.2 | 0.05 | Feb 21, 2017 | A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign_save.php (Requires authentication to Wordpress admin) with the POST Parameter: list_id. | ||
| CVE-2017-6097 | Hig | 0.50 | 7.2 | 0.05 | Feb 21, 2017 | A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign/count_of_send.php (Requires authentication to Wordpress admin) with the POST Parameter: camp_id. | ||
| CVE-2017-6096 | Hig | 0.50 | 7.2 | 0.05 | Feb 21, 2017 | A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/view-list.php (Requires authentication to Wordpress admin) with the GET Parameter: filter_list. | ||
| CVE-2016-3072 | Hig | 0.50 | 8.8 | 0.02 | Jun 7, 2016 | Multiple SQL injection vulnerabilities in the scoped_search function in app/controllers/katello/api/v2/api_controller.rb in Katello allow remote authenticated users to execute arbitrary SQL commands via the (1) sort_by or (2) sort_order parameter. |
- risk 0.50cvss 8.8epss 0.01
A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. A user with marketing privileges can execute arbitrary SQL queries in the database when accessing email template variables.
- risk 0.50cvss 8.8epss 0.01
A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. A user with store manipulation privileges can execute arbitrary SQL queries by getting access to the database connection through group instance in email templates.
- risk 0.50cvss 8.8epss 0.01
A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to an account with Newsletter Template editing permission could exfiltrate the Admin login data, and reset their password,…
- risk 0.50cvss 8.8epss 0.01
LibreNMS through 1.47 allows SQL injection via the html/ajax_table.php sort[hostname] parameter, exploitable by authenticated users during a search.
- risk 0.50cvss 8.8epss 0.01
Shopware before 5.4.3 allows SQL Injection by remote authenticated users, aka SW-21404.
- risk 0.50cvss 8.8epss 0.02
SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the employee parameter.
- risk 0.50cvss 8.8epss 0.02
An error-based SQL injection vulnerability in product/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the desiredstock parameter.
- risk 0.50cvss 8.8epss 0.02
SQL injection vulnerability in interface/de_identification_forms/find_drug_popup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the search_term parameter.
- risk 0.50cvss 7.2epss 0.03
An issue wan discovered in admin\controllers\database.php in HongCMS 3.0.0. There is a SQL Injection vulnerability via an admin/index.php/database/operate?dbaction=emptytable&tablename= URI.
- risk 0.50cvss 7.2epss 0.43
A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/menuaccess.php chbKey1 parameter.
- risk 0.50cvss 7.2epss 0.43
A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/logbook.php txtSearch parameter.
- risk 0.50cvss 7.2epss 0.43
A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/info.php key1 parameter.
- risk 0.50cvss 7.2epss 0.43
A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/commandline.php cname parameter.
- risk 0.50cvss 7.2epss 0.02
Multiple SQL injection vulnerabilities in the Realtyna RPL (com_rpl) component before 8.9.5 for Joomla! allow remote administrators to execute arbitrary SQL commands via the (1) id, (2) copy_field in a data_copy action, (3) pshow in an update_field action, (4) css, (5) tip, (6)…
- risk 0.50cvss 8.8epss 0.01
GeniXCMS 1.0.2 has SQL Injection in inc/lib/Control/Backend/menus.control.php via the menuid parameter.
- risk 0.50cvss 7.2epss 0.06
Multiple SQL injection vulnerabilities in EyesOfNetwork (aka EON) 5.0 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) bp_name, (2) display, (3) search, or (4) equipment parameter to module/monitoring_ged/ged_functions.php or the (5)…
- risk 0.50cvss 7.2epss 0.05
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign_save.php (Requires authentication to Wordpress admin) with the POST Parameter: list_id.
- risk 0.50cvss 7.2epss 0.05
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign/count_of_send.php (Requires authentication to Wordpress admin) with the POST Parameter: camp_id.
- risk 0.50cvss 7.2epss 0.05
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/view-list.php (Requires authentication to Wordpress admin) with the GET Parameter: filter_list.
- risk 0.50cvss 8.8epss 0.02
Multiple SQL injection vulnerabilities in the scoped_search function in app/controllers/katello/api/v2/api_controller.rb in Katello allow remote authenticated users to execute arbitrary SQL commands via the (1) sort_by or (2) sort_order parameter.