CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Description
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7
CVEs mapped to this weakness (10,236)
page 3 of 512

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-2323 | | Cri | 0.69 | 9.8 | 0.62 | | Mar 14, 2014 | SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname. |
| CVE-2025-47608 | | Cri | 0.68 | 9.3 | 0.01 | | Jun 9, 2025 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in sonalsinha21 Recover abandoned cart for WooCommerce recover-wc-abandoned-cart allows SQL Injection. This issue affects Recover abandoned cart for WooCommerce: from n/a through <=… |
| CVE-2024-8522 | | Cri | 0.68 | 10.0 | 0.61 | | Sep 12, 2024 | The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the 'c_only_fields' parameter of the /wp-json/learnpress/v1/courses REST API endpoint in all versions up to, and including, 4.2.7 due to insufficient escaping on the user supplied… |
| CVE-2024-45622 | | Cri | 0.68 | 9.8 | 0.36 | | Sep 2, 2024 | ASIS (aka Aplikasi Sistem Sekolah using CodeIgniter 3) 3.0.0 through 3.2.0 allows index.php username SQL injection for Authentication Bypass. |
| CVE-2024-32709 | | Cri | 0.68 | 9.3 | 0.06 | | Apr 24, 2024 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Plechev Andrey WP-Recall. This issue affects WP-Recall: from n/a through 16.26.5. |
| CVE-2018-16159 | | Cri | 0.68 | 9.8 | 0.50 | | Aug 30, 2018 | The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id parameter in a wp-admin/admin-ajax.php wpgv_doajax_front_template request. |
| CVE-2018-11511 | | Cri | 0.68 | 9.8 | 0.11 | | Aug 16, 2018 | The tree list functionality in the photo gallery application in ASUSTOR ADM 3.1.0.RFQ3 has a SQL injection vulnerability that affects the 'album_id' or 'scope' parameter via a photo-gallery/api/album/tree_lists/ URI. |
| CVE-2016-6566 | | Cri | 0.68 | 9.8 | 0.12 | | Jul 13, 2018 | The valueAsString parameter inside the JSON payload contained by the ucLogin_txtLoginId_ClientStat POST parameter of the Sungard eTRAKiT3 software version 3.2.1.17 is not properly validated. An unauthenticated remote attacker may be able to modify the POST request and insert a… |
| CVE-2018-6229 | | Cri | 0.68 | 9.8 | 0.11 | | Mar 15, 2018 | A SQL injection vulnerability in a Trend Micro Email Encryption Gateway 5.5 edit policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system. |
| CVE-2018-6228 | | Cri | 0.68 | 9.8 | 0.11 | | Mar 15, 2018 | A SQL injection vulnerability in a Trend Micro Email Encryption Gateway 5.5 policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system. |
| CVE-2018-7313 | | Cri | 0.68 | 9.8 | 0.20 | | Feb 22, 2018 | SQL Injection exists in the CW Tags 2.0.6 component for Joomla! via the searchtext array parameter. |
| CVE-2018-6583 | | Cri | 0.68 | 9.8 | 0.19 | | Feb 17, 2018 | SQL Injection exists in the Timetable Responsive Schedule 1.5 component for Joomla! via a view=event&alias= request. |
| CVE-2018-6006 | | Cri | 0.68 | 9.8 | 0.19 | | Feb 17, 2018 | SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter. |
| CVE-2017-17420 | | Cri | 0.68 | 9.8 | 0.49 | | Feb 8, 2018 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUJobCountHistory Get method… |
| CVE-2017-17417 | | Cri | 0.68 | 9.8 | 0.10 | | Feb 8, 2018 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus Acknowledge method… |
| CVE-2018-5973 | — | Cri | 0.68 | 9.8 | 0.20 | | Jan 25, 2018 | SQL Injection exists in Professional Local Directory Script 1.0 via the sellers_subcategories.php IndustryID parameter, or the suppliers.php IndustryID or CategoryID parameter. |
| CVE-2018-5988 | | Cri | 0.68 | 9.8 | 0.19 | | Jan 24, 2018 | SQL Injection exists in Flexible Poll 1.2 via the id parameter to mobile_preview.php or index.php. |
| CVE-2018-5985 | | Cri | 0.68 | 9.8 | 0.19 | | Jan 24, 2018 | SQL Injection exists in the LiveCRM SaaS Cloud 1.0 component for Joomla! via an r=site/login&company_id= request. |
| CVE-2018-5979 | — | Cri | 0.68 | 9.8 | 0.16 | | Jan 24, 2018 | SQL Injection exists in Wchat Fully Responsive PHP AJAX Chat Script 1.5 via the login.php User field. |
| CVE-2018-5972 | — | Cri | 0.68 | 9.8 | 0.19 | | Jan 24, 2018 | SQL Injection exists in Classified Ads CMS Quickad 4.0 via the keywords, placeid, cat, or subcat parameter to the listing URI. |