VYPR

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

BaseStableLikelihood: High

Description

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7

CVEs mapped to this weakness (10,236)

page 144 of 512
  • CVE-2018-17562HigOct 3, 2018
    risk 0.49cvss 7.5epss 0.01

    Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/call_details?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information through different injection points.

  • CVE-2018-16384HigSep 3, 2018
    risk 0.49cvss 7.5epss 0.02

    A SQL injection bypass (aka PL1 bypass) exists in OWASP ModSecurity Core Rule Set (owasp-modsecurity-crs) through v3.1.0-rc3 via {`a`b} where a is a special function name (such as "if") and b is the SQL statement to be executed.

  • CVE-2017-10937HigJul 25, 2018
    risk 0.49cvss 7.5epss 0.01

    SQL injection vulnerability in all versions prior to V2.01.05.09 of the ZTE ZXIPTV-UCM product allows remote attackers to execute arbitrary SQL commands via the opertype parameter, resulting in the disclosure of database information.

  • CVE-2017-10936HigJul 25, 2018
    risk 0.49cvss 7.5epss 0.01

    SQL injection vulnerability in all versions prior to V4.01.01 of the ZTE ZXCDN-SNS product allows remote attackers to execute arbitrary SQL commands via the aoData parameter, resulting in the disclosure of database information.

  • CVE-2018-1132HigJun 20, 2018
    risk 0.49cvss 7.5epss 0.03

    A flaw was found in Opendaylight's SDNInterfaceapp (SDNI). Attackers can SQL inject the component's database (SQLite) without authenticating to the controller or SDNInterfaceapp. SDNInterface has been deprecated in OpenDayLight since it was last used in the final Carbon series…

  • CVE-2018-7501HigMay 15, 2018
    risk 0.49cvss 7.5epss 0.02

    In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several SQL injection vulnerabilities have been…

  • CVE-2018-1280HigMay 11, 2018
    risk 0.49cvss 7.5epss 0.02

    Pivotal Greenplum Command Center versions 2.x prior to 2.5.1 contains a blind SQL injection vulnerability. An unauthenticated user can perform a SQL injection in the command center which results in disclosure of database contents.

  • CVE-2018-8820HigMar 28, 2018
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Square 9 GlobalForms 6.2.x. A Time Based SQL injection vulnerability in the "match" parameter allows remote authenticated attackers to execute arbitrary SQL commands. It is possible to upgrade access to full server compromise via xp_cmdshell. In some…

  • CVE-2017-0914HigMar 21, 2018
    risk 0.49cvss 7.5epss 0.01

    Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2.4 are vulnerable to a SQL injection in the MilestoneFinder component resulting in disclosure of all data in a GitLab instance's database.

  • CVE-2017-5812HigFeb 15, 2018
    risk 0.49cvss 7.5epss 0.05

    A remote sql information disclosure vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.

  • CVE-2017-17567HigDec 13, 2017
    risk 0.49cvss 7.5epss 0.01

    Scubez Posty Readymade Classifieds has SQL Injection via the admin/user_activate_submit.php ID parameter.

  • CVE-2017-17102HigDec 4, 2017
    risk 0.49cvss 7.5epss 0.01

    Fiyo CMS 2.0.7 has SQL injection in /system/site.php via $_REQUEST['link'].

  • CVE-2017-1000129HigNov 17, 2017
    risk 0.49cvss 7.5epss 0.01

    Serendipity 2.0.3 is vulnerable to a SQL injection in the blog component resulting in information disclosure

  • CVE-2017-1002005HigSep 14, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/delete.php user input isn't sanitized via the contact_id variable before adding it to the end of an SQL query.

  • CVE-2017-1002004HigSep 14, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/download.php user input isn't sanitized via the id variable before adding it to the end of an SQL query.

  • CVE-2017-12710HigAug 30, 2017
    risk 0.49cvss 7.5epss 0.02

    A SQL Injection issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. By submitting a specially crafted parameter, it is possible to inject arbitrary SQL statements that could allow an attacker to obtain sensitive information.

  • CVE-2017-1183HigJul 17, 2017
    risk 0.49cvss 7.5epss 0.01

    IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494.

  • CVE-2017-4972HigJun 13, 2017
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v257; UAA release 2.x versions prior to v2.7.4.14, 3.6.x versions prior to v3.6.8, 3.9.x versions prior to v3.9.10, and other versions prior to v3.15.0; and UAA bosh release (uaa-release) 13.x…

  • CVE-2017-7236HigMay 26, 2017
    risk 0.49cvss 7.5epss 0.02

    SQL injection vulnerability in NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2017-7879HigApr 14, 2017
    risk 0.49cvss 7.5epss 0.01

    SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read the content database.