VYPR

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Abstraction: Base · Status: Stable · Likelihood of exploit: High

Description

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
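The two failure modes in the description (no neutralisation at all, and quoting that is not enough) next to the parameterised fix, as an added illustration that is not part of the CWE entry. The schema, the three seeded users and the two attacker inputs are constructed for the example; it uses SQLite so it runs offline, but the same behaviour holds for any SQL engine.

```python
import sqlite3
from typing import Optional

# Constructed sample data (not from the page); kept in-memory so the example runs offline.
SEED_USERS = [
    (1, "alice", "s3cret", 0),
    (2, "bob", "hunter2", 0),
    (3, "admin", "correct-horse", 1),
]

# Constructed attacker inputs sent where an ordinary name / id is expected.
INJECT_NAME = "x' OR is_admin = 1 --"   # closes the string literal, appends a clause
INJECT_ID = "2 OR is_admin = 1"         # numeric context: no quote character needed


def make_db() -> sqlite3.Connection:
    """In-memory SQLite database seeded with the constructed users above."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, password TEXT, is_admin INTEGER)"
    )
    conn.executemany("INSERT INTO users VALUES (?, ?, ?, ?)", SEED_USERS)
    conn.commit()
    return conn


def by_name_vulnerable(conn: sqlite3.Connection, name: str) -> list:
    """CWE-89: the untrusted value is spliced into the SQL text.
    Wrapping it in quotes does not neutralise it: a quote in the input ends the
    literal and the remainder of the input is parsed as SQL."""
    sql = f"SELECT id, name, is_admin FROM users WHERE name = '{name}'"
    return conn.execute(sql).fetchall()


def by_name_fixed(conn: sqlite3.Connection, name: str) -> list:
    """Parameterised query: the SQL text is constant and the value is bound by
    the driver, so it is only ever compared as data."""
    sql = "SELECT id, name, is_admin FROM users WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


def escape_quotes(value: str) -> str:
    """The 'quote the special elements' approach: doubles single quotes only."""
    return value.replace("'", "''")


def by_id_escaped_only(conn: sqlite3.Connection, user_id: str) -> list:
    """Still CWE-89: escaping quotes does nothing when the value lands in an
    unquoted (numeric) position, because the payload needs no quote."""
    sql = f"SELECT id, name, is_admin FROM users WHERE id = {escape_quotes(user_id)}"
    return conn.execute(sql).fetchall()


def parse_id(value: str) -> Optional[int]:
    """Allow-list validation for a numeric id; anything else is rejected."""
    return int(value) if value.isdigit() else None


def by_id_fixed(conn: sqlite3.Connection, user_id: str) -> list:
    """Validate the type, then bind the value; the injected string never
    reaches the SQL parser."""
    uid = parse_id(user_id)
    if uid is None:
        return []
    return conn.execute(
        "SELECT id, name, is_admin FROM users WHERE id = ?", (uid,)
    ).fetchall()


if __name__ == "__main__":
    db = make_db()
    print("vulnerable, injected name :", by_name_vulnerable(db, INJECT_NAME))  # admin row leaks
    print("fixed, injected name      :", by_name_fixed(db, INJECT_NAME))       # []
    print("escaped only, injected id :", by_id_escaped_only(db, INJECT_ID))    # bob and admin
    print("fixed, injected id        :", by_id_fixed(db, INJECT_ID))           # []
```

The point of the second pair is the caveat practitioners most often miss: escaping is context-dependent (quotes for string literals, nothing for numeric positions, backticks for identifiers as in CVE-2017-11324 below), whereas a bound parameter is safe in every value position. Table and column names cannot be bound, so those must come from an allow-list in application code.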

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7

CVEs mapped to this weakness (8,799)

page 26 of 440
  • CVE-2017-12909 · Critical · Aug 17, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    SQL injection vulnerability in modtask.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter.

  • CVE-2017-12908 · Critical · Aug 17, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the conusr parameter.

  • CVE-2015-3616 · Critical · Aug 11, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    SQL injection vulnerability in Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote attackers to execute arbitrary commands via unspecified parameters.

  • CVE-2017-12774 · Critical · Aug 9, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    finecms in 1.9.5\controllers\member\ContentController.php allows remote attackers to operate on the website database.

  • CVE-2015-0782 · Critical · Aug 9, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.04

    SQL injection vulnerability in the ScheduleQuery method of the schedule class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2015-0780 · Critical · Aug 9, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.04

    SQL injection vulnerability in the GetReRequestData method of the GetStoredResult class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2017-12650 · Critical · Aug 7, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    SQL Injection exists in the Loginizer plugin before 1.3.6 for WordPress via the X-Forwarded-For HTTP header.

  • CVE-2017-12567 · Critical · Aug 7, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    SQL injection exists in Quest KACE Asset Management Appliance 6.4.120822 through 7.2, Systems Management Appliance 6.4.120822 through 7.2.101, and K1000 as a Service 7.0 through 7.2.

  • CVE-2017-10816 · Critical · Aug 4, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    SQL injection vulnerability in the MaLion for Windows and Mac 5.0.0 to 5.2.1 allows remote attackers to execute arbitrary SQL commands via Relay Service Server.

  • CVE-2017-11386 · Critical · Aug 2, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.07

    SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x4707 due to lack of proper user input validation in cmdHandlerNewReportScheduler.dll. Formerly ZDI-CAN-4549.

  • CVE-2017-11385 · Critical · Aug 2, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.07

    SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x6b1b due to lack of proper user input validation in cmdHandlerStatusMonitor.dll. Formerly ZDI-CAN-4545.

  • CVE-2017-11384 · Critical · Aug 2, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.07

    SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x3b21 due to lack of proper user input validation in mdHandlerLicenseManager.dll. Formerly ZDI-CAN-4561.

  • CVE-2017-11383 · Critical · Aug 2, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.07

    SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x1b07 due to lack of proper user input validation in cmdHandlerTVCSCommander.dll. Formerly ZDI-CAN-4560.

  • CVE-2017-12199 · Critical · Aug 2, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.02

    The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has SQL injection with these wp-admin/admin-ajax.php POST actions: catalogue_update_order list-item, video_update_order video-item, image_update_order list-item, tag_group_update_order list_item, category_products_update_order category-product-item, custom_fields_update_order field-item, categories_update_order category-item, subcategories_update_order subcategory-item, and tags_update_order tag-list-item.

  • CVE-2017-11184 · Critical · Jul 28, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    SQL injection exists in front/devicesoundcard.php in GLPI before 9.1.5 via the start parameter.

  • CVE-2017-11631 · Critical · Jul 26, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    dapur/app/app_user/controller/status.php in Fiyo CMS 2.0.7 has SQL injection via the id parameter.

  • CVE-2017-11324 · Critical · Jul 24, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    An issue was discovered in Tilde CMS 1.0.1. Due to missing escaping of the backtick character, a SELECT query in class.SystemAction.php is vulnerable to SQL Injection. The vulnerability can be triggered via a POST request to /actionphp/action.input.php with the id parameter.

  • CVE-2017-11584 · Critical · Jul 24, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    dayrui FineCms 5.0.9 has SQL Injection via the field parameter in an action=module, action=member, action=form, or action=related request to libraries/Template.php.

  • CVE-2017-11583 · Critical · Jul 24, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    dayrui FineCms 5.0.9 has SQL Injection via the catid parameter in an action=related request to libraries/Template.php.

  • CVE-2017-11582 · Critical · Jul 24, 2017
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    dayrui FineCms 5.0.9 has SQL Injection via the num parameter in an action=related or action=tags request to libraries/Template.php.