VYPR

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

BaseStableLikelihood: High

Description

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7

CVEs mapped to this weakness (10,236)

page 145 of 512
  • CVE-2016-9728HigMar 7, 2017
    risk 0.49cvss 7.5epss 0.01

    IBM Qradar 7.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, information in the back-end database. IBM Reference #: 1999543.

  • CVE-2016-8930HigFeb 1, 2017
    risk 0.49cvss 7.6epss 0.01

    IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.

  • CVE-2016-8928HigFeb 1, 2017
    risk 0.49cvss 7.6epss 0.01

    IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.

  • CVE-2017-5598HigJan 27, 2017
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in eClinicalWorks healow@work 8.0 build 8. This is a blind SQL injection within the EmployeePortalServlet, which can be exploited by un-authenticated users via an HTTP POST request and which can be used to dump database data out to a malicious server,…

  • CVE-2016-9864HigDec 11, 2016
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in phpMyAdmin. With a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that would run with the privileges of the control user. This gives read and write access to the tables of the configuration…

  • CVE-2016-6616HigDec 11, 2016
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in phpMyAdmin. In the "User group" and "Designer" features, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions (prior to 4.6.4) and 4.4.x versions (prior to 4.4.15.8) are affected.

  • CVE-2016-9283HigNov 11, 2016
    risk 0.49cvss 7.5epss 0.02

    SQL Injection in framework/core/subsystems/expRouter.php in Exponent CMS v2.4.0 allows remote attackers to read database information via address/addContentToSearch/id/ and a trailing string, related to a "sef URL" issue.

  • CVE-2016-9282HigNov 11, 2016
    risk 0.49cvss 7.5epss 0.02

    SQL Injection in framework/modules/search/controllers/searchController.php in Exponent CMS v2.4.0 allows remote attackers to read database information via action=search&module=search with the search_string parameter.

  • CVE-2016-9184HigNov 4, 2016
    risk 0.49cvss 7.5epss 0.02

    In /framework/modules/core/controllers/expHTMLEditorController.php of Exponent CMS 2.4.0, untrusted input is used to construct a table name, and in the selectObject method in mysqli class, table names are wrapped with a character that common filters do not filter, allowing for…

  • CVE-2016-9135HigNov 3, 2016
    risk 0.49cvss 7.5epss 0.02

    Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in "/framework/modules/help/controllers/helpController.php" affecting the version parameter. Impact is Information Disclosure.

  • CVE-2016-9134HigNov 3, 2016
    risk 0.49cvss 7.5epss 0.02

    Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in "/expPaginator.php" affecting the order parameter. Impact is Information Disclosure.

  • CVE-2016-7919HigOct 28, 2016
    risk 0.49cvss 7.5epss 0.02

    Moodle 3.1.2 allows remote attackers to obtain sensitive information via unspecified vectors, related to a "SQL Injection" issue affecting the Administration panel function in the installation process component. NOTE: the vendor disputes the relevance of this report, noting…

  • CVE-2016-6419HigOct 5, 2016
    risk 0.49cvss 7.5epss 0.01

    SQL injection vulnerability in Cisco Firepower Management Center 4.10.3 through 5.4.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCur25485.

  • CVE-2026-40766HigJun 15, 2026
    risk 0.48cvss 8.5epss 0.00

    Subscriber SQL Injection in MasterStudy LMS <= 3.7.25 versions.

  • CVE-2026-42730HigMay 27, 2026
    risk 0.48cvss 8.5epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Blind SQL Injection.This issue affects MasterStudy LMS: from n/a through <= 3.7.29.

  • CVE-2026-44706HigMay 26, 2026
    risk 0.48cvss 8.5epss 0.00

    Chatwoot is a customer engagement suite. From 2.2.0 to before 4.11.2, a SQL injection vulnerability exists in the conversation and contact filter APIs. When filtering by a custom attribute of type date or number using the is_greater_than or is_less_than operators, user-supplied…

  • CVE-2026-48837HigMay 25, 2026
    risk 0.48cvss 8.5epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Unlimited Elements For Elementor allows Blind SQL Injection. This issue affects Unlimited Elements For Elementor: from n/a through 2.0.8.

  • CVE-2026-34747HigApr 1, 2026
    risk 0.48cvss 8.5epss 0.00

    Payload is a free and open source headless content management system. Prior to version 3.79.1, certain request inputs were not properly validated. An attacker could craft requests that influence SQL query execution, potentially exposing or modifying data in collections. This…

  • CVE-2026-33643HigMar 30, 2026
    risk 0.48cvss 7.4epss 0.00

    SQL Injection vulnerability in SchemaHero 0.23.0 via the column parameter to the mysqlColumnAsInsert function in file plugins/mysql/lib/column.go.

  • CVE-2026-29953HigMar 30, 2026
    risk 0.48cvss 7.4epss 0.00

    SQL Injection vulnerability in SchemaHero 0.23.0 via the column parameter to the columnAsInsert function in file plugins/postgres/lib/column.go.