CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Description
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7
CVEs mapped to this weakness (10,236)
page 235 of 512| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-20018 | — | Hig | 0.42 | 7.5 | 0.01 | Dec 19, 2022 | Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query. | |
| CVE-2022-31092 | Hig | 0.42 | 7.5 | 0.01 | Jun 27, 2022 | Pimcore is an Open Source Data & Experience Management Platform. Pimcore offers developers listing classes to make querying data easier. This listing classes also allow to order or group the results based on one or more columns which should be quoted by default. The actual issue… | ||
| CVE-2022-29498 | — | Hig | 0.42 | 7.5 | 0.01 | Apr 21, 2022 | Blazer before 2.6.0 allows SQL Injection. In certain circumstances, an attacker could get a user to run a query they would not have normally run. | |
| CVE-2022-1339 | Hig | 0.42 | 7.5 | 0.05 | Apr 13, 2022 | SQL injection in ElementController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data | ||
| CVE-2022-1219 | Hig | 0.42 | 7.5 | 0.01 | Apr 8, 2022 | SQL injection in RecyclebinController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data | ||
| CVE-2021-43091 | Hig | 0.42 | 7.5 | 0.01 | Mar 25, 2022 | An SQL Injection vlnerability exits in Yeswiki doryphore 20211012 via the email parameter in the registration form. | ||
| CVE-2022-0153 | Hig | 0.42 | 7.5 | 0.01 | Mar 24, 2022 | SQL Injection in GitHub repository forkcms/forkcms prior to 5.11.1. | ||
| CVE-2022-25506 | — | Med | 0.42 | 6.5 | 0.01 | Mar 11, 2022 | FreeTAKServer-UI v1.9.8 was discovered to contain a SQL injection vulnerability via the API endpoint /AuthenticateUser. | |
| CVE-2021-43789 | Hig | 0.42 | 7.5 | 0.04 | Dec 7, 2021 | PrestaShop is an Open Source e-commerce web application. Versions of PrestaShop prior to 1.7.8.2 are vulnerable to blind SQL injection using search filters with `orderBy` and `sortOrder` parameters. The problem is fixed in version 1.7.8.2. | ||
| CVE-2019-10763 | — | Med | 0.42 | 6.5 | 0.01 | Nov 18, 2019 | pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. An attacker with limited privileges (classes permission) can achieve a SQL injection that can lead in data leakage. The vulnerability can be exploited via 'id', 'storeId', 'pageSize' and 'tables' parameters, using a… | |
| CVE-2018-16410 | Med | 0.42 | 6.5 | 0.01 | Sep 3, 2018 | Vanilla before 2.6.1 allows SQL injection via an invitationID array to /profile/deleteInvitation, related to applications/dashboard/models/class.invitationmodel.php and applications/dashboard/controllers/class.profilecontroller.php. | ||
| CVE-2018-2447 | Med | 0.42 | 6.5 | 0.01 | Aug 14, 2018 | SAP BusinessObjects Business Intelligence (Launchpad Web Intelligence), version 4.2, allows an attacker to execute crafted InfoObject queries, exposing the CMS InfoObjects database. | ||
| CVE-2018-1000558 | Med | 0.42 | 6.5 | 0.01 | Jun 26, 2018 | OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web search that can result in An authenticated attacker is able to gain full access to data stored within database. This attack appear to be exploitable via By… | ||
| CVE-2016-10556 | — | Hig | 0.42 | 7.5 | 0.01 | May 29, 2018 | sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS In Postgres, SQLite, and Microsoft SQL Server there is an issue where arrays are treated as strings and… | |
| CVE-2018-10353 | Med | 0.42 | 6.5 | 0.01 | May 23, 2018 | A SQL injection information disclosure vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to disclose sensitive information on vulnerable installations due to a flaw in the formChangePass class. Authentication is required to exploit this… | ||
| CVE-2018-9102 | Med | 0.42 | 6.5 | 0.01 | Apr 25, 2018 | A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 (21.84.5535.0) and earlier, and Mitel ST 14.2, versions GA27 (19.49.5200.0) and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient… | ||
| CVE-2018-1096 | Med | 0.42 | 6.5 | 0.01 | Apr 5, 2018 | An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. A user could use this flaw to perform an SQL injection attack on the back end database. | ||
| CVE-2017-16893 | Med | 0.42 | 6.5 | 0.01 | Dec 1, 2017 | The application Piwigo is affected by an SQL injection vulnerability in version 2.9.2 and possibly prior. This vulnerability allows remote authenticated attackers to obtain information in the context of the user used by the application to retrieve data from the database.… | ||
| CVE-2017-12364 | Med | 0.42 | 6.5 | 0.01 | Nov 30, 2017 | A SQL Injection vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unauthorized Structured Query Language (SQL) queries. The vulnerability is due to a failure to validate user-supplied input that is used… | ||
| CVE-2017-16961 | Med | 0.42 | 6.5 | 0.01 | Nov 27, 2017 | A SQL injection vulnerability in core/inc/auto-modules.php in BigTree CMS through 4.2.19 allows remote authenticated attackers to obtain information in the context of the user used by the application to retrieve data from the database. The attack uses an admin/trees/add/process… |
- risk 0.42cvss 7.5epss 0.01
Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query.
- risk 0.42cvss 7.5epss 0.01
Pimcore is an Open Source Data & Experience Management Platform. Pimcore offers developers listing classes to make querying data easier. This listing classes also allow to order or group the results based on one or more columns which should be quoted by default. The actual issue…
- risk 0.42cvss 7.5epss 0.01
Blazer before 2.6.0 allows SQL Injection. In certain circumstances, an attacker could get a user to run a query they would not have normally run.
- risk 0.42cvss 7.5epss 0.05
SQL injection in ElementController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data
- risk 0.42cvss 7.5epss 0.01
SQL injection in RecyclebinController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data
- risk 0.42cvss 7.5epss 0.01
An SQL Injection vlnerability exits in Yeswiki doryphore 20211012 via the email parameter in the registration form.
- risk 0.42cvss 7.5epss 0.01
SQL Injection in GitHub repository forkcms/forkcms prior to 5.11.1.
- risk 0.42cvss 6.5epss 0.01
FreeTAKServer-UI v1.9.8 was discovered to contain a SQL injection vulnerability via the API endpoint /AuthenticateUser.
- risk 0.42cvss 7.5epss 0.04
PrestaShop is an Open Source e-commerce web application. Versions of PrestaShop prior to 1.7.8.2 are vulnerable to blind SQL injection using search filters with `orderBy` and `sortOrder` parameters. The problem is fixed in version 1.7.8.2.
- risk 0.42cvss 6.5epss 0.01
pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. An attacker with limited privileges (classes permission) can achieve a SQL injection that can lead in data leakage. The vulnerability can be exploited via 'id', 'storeId', 'pageSize' and 'tables' parameters, using a…
- risk 0.42cvss 6.5epss 0.01
Vanilla before 2.6.1 allows SQL injection via an invitationID array to /profile/deleteInvitation, related to applications/dashboard/models/class.invitationmodel.php and applications/dashboard/controllers/class.profilecontroller.php.
- risk 0.42cvss 6.5epss 0.01
SAP BusinessObjects Business Intelligence (Launchpad Web Intelligence), version 4.2, allows an attacker to execute crafted InfoObject queries, exposing the CMS InfoObjects database.
- risk 0.42cvss 6.5epss 0.01
OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web search that can result in An authenticated attacker is able to gain full access to data stored within database. This attack appear to be exploitable via By…
- risk 0.42cvss 7.5epss 0.01
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS In Postgres, SQLite, and Microsoft SQL Server there is an issue where arrays are treated as strings and…
- risk 0.42cvss 6.5epss 0.01
A SQL injection information disclosure vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to disclose sensitive information on vulnerable installations due to a flaw in the formChangePass class. Authentication is required to exploit this…
- risk 0.42cvss 6.5epss 0.01
A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 (21.84.5535.0) and earlier, and Mitel ST 14.2, versions GA27 (19.49.5200.0) and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient…
- risk 0.42cvss 6.5epss 0.01
An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. A user could use this flaw to perform an SQL injection attack on the back end database.
- risk 0.42cvss 6.5epss 0.01
The application Piwigo is affected by an SQL injection vulnerability in version 2.9.2 and possibly prior. This vulnerability allows remote authenticated attackers to obtain information in the context of the user used by the application to retrieve data from the database.…
- risk 0.42cvss 6.5epss 0.01
A SQL Injection vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unauthorized Structured Query Language (SQL) queries. The vulnerability is due to a failure to validate user-supplied input that is used…
- risk 0.42cvss 6.5epss 0.01
A SQL injection vulnerability in core/inc/auto-modules.php in BigTree CMS through 4.2.19 allows remote authenticated attackers to obtain information in the context of the user used by the application to retrieve data from the database. The attack uses an admin/trees/add/process…