CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

BaseStableLikelihood: High

Description

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Hierarchy (View 1000)

Parents

CWE-943

Children

CWE-564

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7

CVEs mapped to this weakness (8,850)

page 287 of 443

CVE	Vendor / Product	Risk	CVSS	EPSS	Published	Description
CVE-2009-4424	Imotta Pyrmont Plugin	0.03	—	0.00	Dec 28, 2009	SQL injection vulnerability in results.php in the Pyrmont plugin 2 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4423	Weentech Weencompany	0.03	—	0.00	Dec 24, 2009	SQL injection vulnerability in index.php in weenCompany 4.0.0 allows remote attackers to execute arbitrary SQL commands via the moduleid parameter. NOTE: some of these details are obtained from third party information.
CVE-2009-4386	Bookingcentre Booking System For Hotels Group	0.03	—	0.00	Dec 22, 2009	SQL injection vulnerability in hotel_tiempolibre_ext.php in Venalsur Booking Centre Booking System for Hotels Group, when magic_quotes_gpc is enabled, allows remote attackers to execute arbitrary SQL commands via the NoticiaID parameter and other unspecified vectors.
CVE-2009-4375	Alienvault Open Source Security Information Management	0.03	—	0.00	Dec 21, 2009	SQL injection vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to execute arbitrary SQL commands via the id_document parameter.
CVE-2009-4360	Handcoders Content Module	0.03	—	0.00	Dec 20, 2009	SQL injection vulnerability in modules/content/index.php in the Content module 0.5 for XOOPS allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2009-3703	Fahlstad Wp Forum	0.03	—	0.00	Dec 18, 2009	Multiple SQL injection vulnerabilities in the WP-Forum plugin before 2.4 for WordPress allow remote attackers to execute arbitrary SQL commands via (1) the search_max parameter in a search action to the default URI, related to wpf.class.php; (2) the forum parameter to an unspecified component, related to wpf.class.php; (3) the topic parameter in a viewforum action to the default URI, related to the remove_topic function in wpf.class.php; or the id parameter in a (4) editpost or (5) viewtopic action to the default URI, related to wpf-post.php.
CVE-2009-4351	Wscreator Wscreator	0.03	—	0.01	Dec 17, 2009	SQL injection vulnerability in ADMIN/loginaction.php in WSCreator 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the Email (aka username) parameter.
CVE-2009-4238	Teamst Testlink	0.03	—	0.00	Dec 10, 2009	Multiple SQL injection vulnerabilities in TestLink before 1.8.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the Test Case ID field to lib/general/navBar.php or (2) the logLevel parameter to lib/events/eventviewer.php.
CVE-2009-4263	Ptcpay Gen3	0.03	—	0.00	Dec 10, 2009	SQL injection vulnerability in main_forum.php in PTCPay GeN3 forum 1.3 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2009-4256	Truesolution Alefmentor	0.03	—	0.00	Dec 10, 2009	Multiple SQL injection vulnerabilities in cource.php in AlefMentor 2.0 and 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) cont_id and (2) courc_id parameters in a pregled action. NOTE: some of these details are obtained from third party information.
CVE-2009-4229	Activewebsoftwares Active Bids	0.03	—	0.00	Dec 8, 2009	Multiple SQL injection vulnerabilities in ActiveWebSoftwares Active Bids allow remote attackers to execute arbitrary SQL commands via (1) the catid parameter in the PATH_INFO to the default URI or (2) the catid parameter to default.asp. NOTE: this might overlap CVE-2009-0429.3. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-4221	Smartisoft Phpbazar	0.03	—	0.00	Dec 7, 2009	SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-3767.
CVE-2009-4218	Jiros Jbsx	0.03	—	0.00	Dec 7, 2009	Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Banner System eXperience (JBSX) allow remote attackers to execute arbitrary SQL commands via the (1) admin or (2) password field, a related issue to CVE-2007-6091. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-4217	Itamar Elharar Com Musicgallery	0.03	—	0.00	Dec 7, 2009	SQL injection vulnerability in the Itamar Elharar MusicGallery (com_musicgallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an itempage action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-4208	Open School Open School	0.03	—	0.00	Dec 4, 2009	SQL injection vulnerability in the os_news module in Open-school (OS) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to index.php.
CVE-2009-4206	Cmsnx Million Dollar Text Links	0.03	—	0.00	Dec 4, 2009	SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4204	Ringsworld Flashlight Free Edition	0.03	—	0.00	Dec 4, 2009	SQL injection vulnerability in read.php in Flashlight Free Edition allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4203	Arab Portal Arab Portal	0.03	—	0.00	Dec 4, 2009	Multiple SQL injection vulnerabilities in admin/aclass/admin_func.php in Arab Portal 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) X-Forwarded-For or (2) Client-IP HTTP header in a request to the default URI under admin/.
CVE-2009-4200	Vollmar Com Seminar	0.03	—	0.00	Dec 4, 2009	SQL injection vulnerability in the Seminar (com_seminar) component 1.28 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a View_seminar action to index.php.
CVE-2009-4199	Mamboforge Com Mosres	0.03	—	0.00	Dec 4, 2009	Multiple SQL injection vulnerabilities in the Mambo Resident (aka Mos Res or com_mosres) component 1.0f for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) property_uid parameter in a viewproperty action to index.php and the (2) regID parameter in a showregion action to index.php.

CVE-2009-4424Dec 28, 2009
Imotta
Pyrmont Plugin
risk 0.03cvss —epss 0.00
SQL injection vulnerability in results.php in the Pyrmont plugin 2 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4423Dec 24, 2009
Weentech
Weencompany
risk 0.03cvss —epss 0.00
SQL injection vulnerability in index.php in weenCompany 4.0.0 allows remote attackers to execute arbitrary SQL commands via the moduleid parameter. NOTE: some of these details are obtained from third party information.
CVE-2009-4386Dec 22, 2009
Bookingcentre
Booking System For Hotels Group
risk 0.03cvss —epss 0.00
SQL injection vulnerability in hotel_tiempolibre_ext.php in Venalsur Booking Centre Booking System for Hotels Group, when magic_quotes_gpc is enabled, allows remote attackers to execute arbitrary SQL commands via the NoticiaID parameter and other unspecified vectors.
CVE-2009-4375Dec 21, 2009
Alienvault
Open Source Security Information Management
risk 0.03cvss —epss 0.00
SQL injection vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to execute arbitrary SQL commands via the id_document parameter.
CVE-2009-4360Dec 20, 2009
Handcoders
Content Module
risk 0.03cvss —epss 0.00
SQL injection vulnerability in modules/content/index.php in the Content module 0.5 for XOOPS allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2009-3703Dec 18, 2009
Fahlstad
Wp Forum
risk 0.03cvss —epss 0.00
Multiple SQL injection vulnerabilities in the WP-Forum plugin before 2.4 for WordPress allow remote attackers to execute arbitrary SQL commands via (1) the search_max parameter in a search action to the default URI, related to wpf.class.php; (2) the forum parameter to an unspecified component, related to wpf.class.php; (3) the topic parameter in a viewforum action to the default URI, related to the remove_topic function in wpf.class.php; or the id parameter in a (4) editpost or (5) viewtopic action to the default URI, related to wpf-post.php.
CVE-2009-4351Dec 17, 2009
Wscreator
Wscreator
risk 0.03cvss —epss 0.01
SQL injection vulnerability in ADMIN/loginaction.php in WSCreator 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the Email (aka username) parameter.
CVE-2009-4238Dec 10, 2009
Teamst
Testlink
risk 0.03cvss —epss 0.00
Multiple SQL injection vulnerabilities in TestLink before 1.8.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the Test Case ID field to lib/general/navBar.php or (2) the logLevel parameter to lib/events/eventviewer.php.
CVE-2009-4263Dec 10, 2009
Ptcpay
Gen3
risk 0.03cvss —epss 0.00
SQL injection vulnerability in main_forum.php in PTCPay GeN3 forum 1.3 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2009-4256Dec 10, 2009
Truesolution
Alefmentor
risk 0.03cvss —epss 0.00
Multiple SQL injection vulnerabilities in cource.php in AlefMentor 2.0 and 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) cont_id and (2) courc_id parameters in a pregled action. NOTE: some of these details are obtained from third party information.
CVE-2009-4229Dec 8, 2009
Activewebsoftwares
Active Bids
risk 0.03cvss —epss 0.00
Multiple SQL injection vulnerabilities in ActiveWebSoftwares Active Bids allow remote attackers to execute arbitrary SQL commands via (1) the catid parameter in the PATH_INFO to the default URI or (2) the catid parameter to default.asp. NOTE: this might overlap CVE-2009-0429.3. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-4221Dec 7, 2009
Smartisoft
Phpbazar
risk 0.03cvss —epss 0.00
SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-3767.
CVE-2009-4218Dec 7, 2009
Jiros
Jbsx
risk 0.03cvss —epss 0.00
Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Banner System eXperience (JBSX) allow remote attackers to execute arbitrary SQL commands via the (1) admin or (2) password field, a related issue to CVE-2007-6091. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-4217Dec 7, 2009
Itamar Elharar
Com Musicgallery
risk 0.03cvss —epss 0.00
SQL injection vulnerability in the Itamar Elharar MusicGallery (com_musicgallery) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an itempage action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-4208Dec 4, 2009
Open School
Open School
risk 0.03cvss —epss 0.00
SQL injection vulnerability in the os_news module in Open-school (OS) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to index.php.
CVE-2009-4206Dec 4, 2009
Cmsnx
Million Dollar Text Links
risk 0.03cvss —epss 0.00
SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4204Dec 4, 2009
Ringsworld
Flashlight Free Edition
risk 0.03cvss —epss 0.00
SQL injection vulnerability in read.php in Flashlight Free Edition allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4203Dec 4, 2009
Arab Portal
Arab Portal
risk 0.03cvss —epss 0.00
Multiple SQL injection vulnerabilities in admin/aclass/admin_func.php in Arab Portal 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) X-Forwarded-For or (2) Client-IP HTTP header in a request to the default URI under admin/.
CVE-2009-4200Dec 4, 2009
Vollmar
Com Seminar
risk 0.03cvss —epss 0.00
SQL injection vulnerability in the Seminar (com_seminar) component 1.28 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a View_seminar action to index.php.
CVE-2009-4199Dec 4, 2009
Mamboforge
Com Mosres
risk 0.03cvss —epss 0.00
Multiple SQL injection vulnerabilities in the Mambo Resident (aka Mos Res or com_mosres) component 1.0f for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) property_uid parameter in a viewproperty action to index.php and the (2) regID parameter in a showregion action to index.php.