VYPR

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Abstraction: Base · Status: Stable · Likelihood: High

Description

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7

CVEs mapped to this weakness (10,236)

page 18 of 512
  • CVE-2026-39196 · Critical · Jun 15, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    Datadog, Inc Vector v0.54.0 was discovered to contain a SQL injection vulnerability in the set_uri_query parameter in the KeyPartitioner::partition function. This vulnerability allows attackers to access sensitive database information via crafted SQL statements.

  • CVE-2026-38812 · Critical · Jun 15, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    RuoYi v4.8.2 is vulnerable to SQL Injection via the /tool/gen/createTable endpoint. The issue affects the code generation module and may allow an authenticated attacker with administrative privileges to access sensitive database information.

  • CVE-2026-44172 · Critical · Jun 12, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    MariaDB server is a community-developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input, escaping it with mysql_real_escape_string() and sending it to the database using text protocol and big5 character set was…

  • CVE-2026-45060 · Critical · Jun 11, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #129, the actions/progress_video.php endpoint is vulnerable to blind SQL injection. Any unauthenticated user can exploit the ids parameter to execute SQL queries and exfiltrate sensitive data. This…

  • CVE-2026-38581 · Critical · Jun 11, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    SQL Injection vulnerability in damasac thaipalliative_lte through version 3.0 allows remote attackers to execute arbitrary SQL commands via the idFormMain parameter to /substudy/ezform.php (line 14) and the id parameter (line 49). The parameters are concatenated directly into…

  • CVE-2026-8025 · Critical · Jun 9, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in MOSK Information Technologies Ltd. CBS Platform allows SQL Injection. This issue affects CBS Platform: through 09062026. NOTE: The vendor was contacted and it was learned…

  • CVE-2026-7486 · Critical · Jun 9, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Netcad Software Inc. E-İmar allows SQL Injection. This issue affects E-İmar: from 2.10.1.0 before 3.0.2.

  • CVE-2026-45779 · Critical · Jun 5, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    OpenXDMoD is an open framework for collecting and analyzing HPC metrics. An SQL injection vulnerability exists in Open XDMoD versions prior to 10.0.3 that allows an unauthenticated remote attacker to execute arbitrary SQL statements. Exploitation requires no authentication or…

  • CVE-2026-10880 · Critical · Jun 4, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    OSNexus QuantaStor SDS Manager is vulnerable to SQL injection in the login endpoint. The username field is not properly sanitized before being incorporated into a SQL query, allowing an unauthenticated remote attacker to bypass authentication and log in as an administrator…

  • CVE-2026-4104 · Critical · Jun 4, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    Authorization bypass through User-Controlled SQL primary key vulnerability in Akmer Informatics Automation Industry and Trade Ltd. Co. TeknoPass allows SQL Injection. This issue affects TeknoPass: from 20210501 through 20260429.

  • CVE-2026-35222 · Critical · May 26, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    Improperly validated order clauses lead to a SQL injection vulnerability in com_tags.

  • CVE-2026-35221 · Critical · May 26, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    Improperly built filter clauses lead to a SQL injection vulnerability in the search query for com_finder.

  • CVE-2025-11024 · Critical · May 14, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Blind SQL Injection. This issue affects E-Commerce Website: before 4.5.001.

  • CVE-2026-34187 · Critical · May 12, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via the graph container parameter. This issue affects Pandora FMS: from 777 through 800.

  • CVE-2025-6577 · Critical · May 12, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows SQL Injection. This issue affects E-Commerce Website: before 4.5.001.

  • CVE-2026-38567 · Critical · May 11, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    HireFlow v1.2 is vulnerable to SQL injection in the /login and /search endpoints. User-supplied input is concatenated directly into SQL queries without parameterization. An unauthenticated attacker can bypass authentication by supplying a crafted username (e.g. admin'--) or…

  • CVE-2026-37431 · Critical · May 8, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    Beauty Parlour Management System v1.1 was discovered to contain a SQL injection vulnerability via the aptnumber parameter in the /appointment-detail.php endpoint. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement.

  • CVE-2023-46453 · Critical · May 8, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    Certain GL.iNet devices with 4.x firmware allow authentication bypass (resulting in administrative control of the device) via a username that is both a valid SQL statement and a valid regular expression. For example, this affects version 4.3.7 on GL-MT3000 GL-AR300M GL-B1300…

  • CVE-2026-42233 · Critical · May 4, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the Oracle Database node's select operation allowed user-controlled input passed into the Limit field via expressions to be interpolated directly into the SQL query…

  • CVE-2026-41462 · Critical · Apr 27, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    ProjeQtor versions 7.0 through 12.4.3 contain an unauthenticated SQL injection vulnerability in the login functionality where the login variable is directly concatenated into a SQL query without parameterization or sanitization. Attackers can inject arbitrary SQL expressions…