CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Description
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
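The following is an added example, not code from CWE or from any product listed on this page, that shows the weakness and its fix side by side in Python against an in-memory SQLite database. It models a password-recovery lookup keyed on an email parameter (the pattern behind several of the CVEs below) and a second endpoint that takes a table name, where parameter binding is not available and an allowlist is the only correct control. The schema, table contents and function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """Constructed in-memory database standing in for a CMS user table
    (not any real product's schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, reset_token TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (email, reset_token) VALUES (?, ?)",
        [("alice@example.com", "tok-alice"), ("bob@example.com", "tok-bob")],
    )
    conn.execute("CREATE TABLE orders (id INTEGER PRIMARY KEY, user_id INTEGER)")
    conn.commit()
    return conn


def recover_login_vulnerable(conn, email):
    """CWE-89: the request parameter is concatenated into the SQL text, so a
    quote in it closes the literal and the rest is parsed as SQL syntax."""
    sql = "SELECT email, reset_token FROM users WHERE email = '" + email + "'"
    return conn.execute(sql).fetchall()


def recover_login_fixed(conn, email):
    """Parameterized query: the statement text is fixed and the driver sends
    the value separately, so quotes and operators in it stay ordinary data."""
    return conn.execute(
        "SELECT email, reset_token FROM users WHERE email = ?", (email,)
    ).fetchall()


# Identifiers (table and column names) cannot be bound as parameters, so an
# endpoint that accepts one from the client must check it against a fixed
# allowlist before it is ever interpolated into the statement text.
ALLOWED_TABLES = frozenset({"users", "orders"})


def count_rows_by_table(conn, table):
    if table not in ALLOWED_TABLES:
        raise ValueError("table not allowed: %r" % (table,))
    # Safe only because `table` is now one of the literal names above.
    return conn.execute('SELECT COUNT(*) FROM "%s"' % table).fetchone()[0]


if __name__ == "__main__":
    db = make_db()
    payload = "x' OR '1'='1"  # classic tautology supplied in the email field
    # Vulnerable: the WHERE clause becomes email = 'x' OR '1'='1' and every
    # user's reset token comes back.
    print(recover_login_vulnerable(db, payload))
    # Fixed: the same string is compared literally and matches no row.
    print(recover_login_fixed(db, payload))
    print(count_rows_by_table(db, "users"))
```

The tautology payload returns both users' reset tokens from the vulnerable function and an empty list from the parameterized one; the table-name endpoint rejects anything not on the allowlist instead of trying to escape it.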
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7
CVEs mapped to this weakness (10,236)
Page 16 of 512

| CVE | Vendor / Product | Severity | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-7568 | | Critical | 0.67 | 9.8 | 0.04 | | Apr 24, 2017 | SQL injection vulnerability in the password recovery feature in Yeager CMS 1.2.1 allows remote attackers to change the account credentials of known users via the "userEmail" parameter. |
| CVE-2016-4337 | | Critical | 0.67 | 9.8 | 0.02 | | Apr 12, 2017 | SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore before 4.7.5 allows remote attackers to execute arbitrary SQL commands via the email parameter in a recover_login action. |
| CVE-2017-6550 | | Critical | 0.67 | 9.8 | 0.04 | | Mar 20, 2017 | Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson (formerly ESBUS) allow remote attackers to execute arbitrary SQL commands via the (1) TABLE parameter to esbus/servlet/GetSQLData or (2) QUERY parameter to KK_LS9ReportingPortal/GetData. |
| CVE-2017-6095 | | Critical | 0.67 | 9.8 | 0.06 | | Feb 21, 2017 | A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: list_id. |
| CVE-2017-5344 | | Critical | 0.67 | 9.8 | 0.06 | | Feb 17, 2017 | An issue was discovered in dotCMS through 3.6.1. The findChildrenByFilter() function which is called by the web accessible path /categoriesServlet performs string interpolation and direct SQL query execution. SQL quote escaping and a keyword blacklist were implemented in a new… |
| CVE-2016-3694 | | Critical | 0.67 | 9.8 | 0.04 | | Feb 15, 2017 | Multiple SQL injection vulnerabilities in modified eCommerce Shopsoftware 2.0.0.0 revision 9678, when the easybill-module is not installed, allow remote attackers to execute arbitrary SQL commands via the (1) orders_status or (2) customers_status parameter to… |
| CVE-2016-7400 | | Critical | 0.67 | 9.8 | 0.05 | | Feb 7, 2017 | Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an activate_address address controller action, (2) title parameter in a show blog controller action, or (3) content_id… |
| CVE-2016-1000125 | | Critical | 0.67 | 9.8 | 0.03 | | Oct 6, 2016 | Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla |
| CVE-2016-1000124 | | Critical | 0.67 | 9.8 | 0.03 | | Oct 6, 2016 | Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6 |
| CVE-2016-1000123 | | Critical | 0.67 | 9.8 | 0.04 | | Oct 6, 2016 | Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla |
| CVE-2015-8261 | | Critical | 0.67 | 9.8 | 0.04 | | Jan 8, 2016 | The DroneDeleteOldMeasurements implementation in Ipswitch WhatsUp Gold before 16.4 does not properly validate serialized XML objects, which allows remote attackers to conduct SQL injection attacks via a crafted SOAP request. |
| CVE-2008-3604 | | Critical | 0.67 | 9.8 | 0.04 | | Aug 12, 2008 | SQL injection vulnerability in bannerclick.php in ZeeBuddy 2.1 allows remote attackers to execute arbitrary SQL commands via the adid parameter. |
| CVE-2006-5603 | | Critical | 0.67 | 9.8 | 0.01 | | Oct 30, 2006 | SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the RC parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. |
| CVE-2017-11386 | | Critical | 0.66 | 9.8 | 0.24 | | Aug 2, 2017 | SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x4707 due to lack of proper user input validation in cmdHandlerNewReportScheduler.dll. Formerly ZDI-CAN-4549. |
| CVE-2026-42287 | | Critical | 0.65 | — | 0.00 | | May 8, 2026 | Emlog is an open source website building system. Prior to version 2.6.11, direct SQL injection in article creation and update functions allows attackers to execute arbitrary SQL commands, potentially leading to complete database compromise, data theft, or system destruction.… |
| CVE-2026-3325 | | Critical | 0.65 | — | 0.00 | | Apr 29, 2026 | SQL injection (SQLi) in MegaCMS v12.0.0, specifically in the "id_territorio" parameter of the "/web_comunications/cms/get_provincias" endpoint. The vulnerability arises from inadequate validation and sanitisation of user input. Specifically, via a POST request, the… |
| CVE-2025-50567 | | Critical | 0.65 | 10.0 | 0.01 | | Aug 19, 2025 | Saurus CMS Community Edition 4.7.1 contains a vulnerability in the custom DB::prepare() function, which uses preg_replace() with the deprecated /e (eval) modifier to interpolate SQL query parameters. This leads to injection of user-controlled SQL statements, potentially leading… |
| CVE-2025-4285 | | Critical | 0.65 | 10.0 | 0.00 | | Jul 22, 2025 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolantis Information Technologies Agentis allows SQL Injection. This issue affects Agentis: before 4.32. |
| CVE-2024-13152 | | Critical | 0.65 | 10.0 | 0.00 | | Feb 14, 2025 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BSS Software Mobuy Online Machinery Monitoring Panel allows SQL Injection. This issue affects Mobuy Online Machinery Monitoring Panel: before 2.0. |
| CVE-2024-55971 | | Critical | 0.65 | 10.0 | 0.01 | | Jan 23, 2025 | SQL Injection vulnerability in the default configuration of the Logitime WebClock application <= 5.43.0 allows an unauthenticated user to run arbitrary code on the backend database server. |