VYPR

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Abstraction: Base · Status: Stable · Likelihood of Exploit: High

Description

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7

CVEs mapped to this weakness (10,236)

  • CVE-2015-7568 · Critical · Apr 24, 2017
    risk 0.67 · CVSS 9.8 · EPSS 0.04

    SQL injection vulnerability in the password recovery feature in Yeager CMS 1.2.1 allows remote attackers to change the account credentials of known users via the "userEmail" parameter.

  • CVE-2016-4337 · Critical · Apr 12, 2017
    risk 0.67 · CVSS 9.8 · EPSS 0.02

    SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore before 4.7.5 allows remote attackers to execute arbitrary SQL commands via the email parameter in a recover_login action.

  • CVE-2017-6550 · Critical · Mar 20, 2017
    risk 0.67 · CVSS 9.8 · EPSS 0.04

    Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson (formerly ESBUS) allow remote attackers to execute arbitrary SQL commands via the (1) TABLE parameter to esbus/servlet/GetSQLData or (2) QUERY parameter to KK_LS9ReportingPortal/GetData.

  • CVE-2017-6095 · Critical · Feb 21, 2017
    risk 0.67 · CVSS 9.8 · EPSS 0.06

    A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: list_id.

  • CVE-2017-5344 · Critical · Feb 17, 2017
    risk 0.67 · CVSS 9.8 · EPSS 0.06

    An issue was discovered in dotCMS through 3.6.1. The findChildrenByFilter() function which is called by the web accessible path /categoriesServlet performs string interpolation and direct SQL query execution. SQL quote escaping and a keyword blacklist were implemented in a new…

  • CVE-2016-3694 · Critical · Feb 15, 2017
    risk 0.67 · CVSS 9.8 · EPSS 0.04

    Multiple SQL injection vulnerabilities in modified eCommerce Shopsoftware 2.0.0.0 revision 9678, when the easybill-module is not installed, allow remote attackers to execute arbitrary SQL commands via the (1) orders_status or (2) customers_status parameter to…

  • CVE-2016-7400 · Critical · Feb 7, 2017
    risk 0.67 · CVSS 9.8 · EPSS 0.05

    Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an activate_address address controller action, (2) title parameter in a show blog controller action, or (3) content_id…

  • CVE-2016-1000125 · Critical · Oct 6, 2016
    risk 0.67 · CVSS 9.8 · EPSS 0.03

    Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla

  • CVE-2016-1000124 · Critical · Oct 6, 2016
    risk 0.67 · CVSS 9.8 · EPSS 0.03

    Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6

  • CVE-2016-1000123 · Critical · Oct 6, 2016
    risk 0.67 · CVSS 9.8 · EPSS 0.04

    Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla

  • CVE-2015-8261 · Critical · Jan 8, 2016
    risk 0.67 · CVSS 9.8 · EPSS 0.04

    The DroneDeleteOldMeasurements implementation in Ipswitch WhatsUp Gold before 16.4 does not properly validate serialized XML objects, which allows remote attackers to conduct SQL injection attacks via a crafted SOAP request.

  • CVE-2008-3604 · Critical · Aug 12, 2008
    risk 0.67 · CVSS 9.8 · EPSS 0.04

    SQL injection vulnerability in bannerclick.php in ZeeBuddy 2.1 allows remote attackers to execute arbitrary SQL commands via the adid parameter.

  • CVE-2006-5603 · Critical · Oct 30, 2006
    risk 0.67 · CVSS 9.8 · EPSS 0.01

    SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the RC parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

  • CVE-2017-11386 · Critical · Aug 2, 2017
    risk 0.66 · CVSS 9.8 · EPSS 0.24

    SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x4707 due to lack of proper user input validation in cmdHandlerNewReportScheduler.dll. Formerly ZDI-CAN-4549.

  • CVE-2026-42287 · Critical · May 8, 2026
    risk 0.65 · CVSS (not listed) · EPSS 0.00

    Emlog is an open source website building system. Prior to version 2.6.11, direct SQL injection in article creation and update functions allows attackers to execute arbitrary SQL commands, potentially leading to complete database compromise, data theft, or system destruction.…

  • CVE-2026-3325 · Critical · Apr 29, 2026
    risk 0.65 · CVSS (not listed) · EPSS 0.00

    SQL injection (SQLi) in MegaCMS v12.0.0, specifically in the "id_territorio" parameter of the "/web_comunications/cms/get_provincias" endpoint. The vulnerability arises from inadequate validation and sanitisation of user input. Specifically, via a POST request, the…

  • CVE-2025-50567 · Critical · Aug 19, 2025
    risk 0.65 · CVSS 10.0 · EPSS 0.01

    Saurus CMS Community Edition 4.7.1 contains a vulnerability in the custom DB::prepare() function, which uses preg_replace() with the deprecated /e (eval) modifier to interpolate SQL query parameters. This leads to injection of user-controlled SQL statements, potentially leading…

  • CVE-2025-4285 · Critical · Jul 22, 2025
    risk 0.65 · CVSS 10.0 · EPSS 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolantis Information Technologies Agentis allows SQL Injection. This issue affects Agentis: before 4.32.

  • CVE-2024-13152 · Critical · Feb 14, 2025
    risk 0.65 · CVSS 10.0 · EPSS 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BSS Software Mobuy Online Machinery Monitoring Panel allows SQL Injection. This issue affects Mobuy Online Machinery Monitoring Panel: before 2.0.

  • CVE-2024-55971 · Critical · Jan 23, 2025
    risk 0.65 · CVSS 10.0 · EPSS 0.01

    SQL Injection vulnerability in the default configuration of the Logitime WebClock application <= 5.43.0 allows an unauthenticated user to run arbitrary code on the backend database server.