VYPR

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

BaseStableLikelihood: High

Description

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7

CVEs mapped to this weakness (12,807)

page 309 of 641
  • CVE-2022-1006HigApr 11, 2022
    risk 0.47cvss 7.2epss 0.01

    The Advanced Booking Calendar WordPress plugin before 1.7.1 does not sanitise and escape the id parameter when editing Calendars, which could allow high privilege users such as admin to perform SQL injection attacks

  • CVE-2021-46436HigApr 8, 2022
    risk 0.47cvss 7.2epss 0.01

    An issue was discovered in ZZCMS 2021. There is a SQL injection vulnerability in ad_manage.php.

  • CVE-2022-0887HigApr 4, 2022
    risk 0.47cvss 7.2epss 0.01

    The Easy Social Icons WordPress plugin before 3.1.4 does not sanitize the selected_icons attribute to the cnss_widget before using it in an SQL statement, leading to a SQL injection vulnerability.

  • CVE-2021-25068HigMar 28, 2022
    risk 0.47cvss 7.2epss 0.01

    The Sync WooCommerce Product feed to Google Shopping WordPress plugin through 1.2.4 uses the 'feed_id' POST parameter which is not properly sanitized for use in a SQL statement, leading to a SQL injection vulnerability in the admin dashboard

  • CVE-2021-25064HigMar 28, 2022
    risk 0.47cvss 7.2epss 0.01

    The Wow Countdowns WordPress plugin through 3.1.2 does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection.

  • CVE-2021-32474HigMar 11, 2022
    risk 0.47cvss 7.2epss 0.01

    An SQL injection risk existed on sites with MNet enabled and configured, via an XML-RPC call from the connected peer host. Note that this required site administrator access or access to the keypair. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier…

  • CVE-2022-25225HigMar 10, 2022
    risk 0.47cvss 7.2epss 0.03

    Network Olympus version 1.8.0 allows an authenticated admin user to inject SQL queries in '/api/eventinstance' via the 'sqlparameter' JSON parameter. It is also possible to achieve remote code execution in the default installation (PostgreSQL) by exploiting this issue.

  • CVE-2022-24281HigMar 8, 2022
    risk 0.47cvss 7.2epss 0.03

    A vulnerability has been identified in SINEC NMS (All versions < V1.0.3), SINEMA Server V14 (All versions). A privileged authenticated attacker could execute arbitrary commands in the local database by sending specially crafted requests to the webserver of the affected…

  • CVE-2022-0420HigMar 7, 2022
    risk 0.47cvss 7.2epss 0.01

    The RegistrationMagic WordPress plugin before 5.0.2.2 does not sanitise and escape the rm_form_id parameter before using it in a SQL statement in the Automation admin dashboard, allowing high privilege users to perform SQL injection attacks

  • CVE-2022-0267HigMar 7, 2022
    risk 0.47cvss 7.2epss 0.01

    The AdRotate WordPress plugin before 5.8.22 does not sanitise and escape the adrotate_action before using it in a SQL statement via the adrotate_request_action function available to admins, leading to a SQL injection

  • CVE-2021-24778HigMar 7, 2022
    risk 0.47cvss 7.2epss 0.01

    The test parameter of the xmlfeed in the Tradetracker-Store WordPress plugin before 4.6.60 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.

  • CVE-2021-24777HigMar 7, 2022
    risk 0.47cvss 7.2epss 0.01

    The view submission functionality in the Hotscot Contact Form WordPress plugin before 1.3 makes a get request with the sub_id parameter which not sanitised, escaped or validated before inserting to a SQL statement, leading to an SQL injection.

  • CVE-2022-23911HigFeb 28, 2022
    risk 0.47cvss 7.2epss 0.01

    The Testimonial WordPress Plugin WordPress plugin before 1.4.7 does not validate and escape the id parameter before using it in a SQL statement when retrieving a testimonial to edit, leading to a SQL Injection

  • CVE-2022-0383HigFeb 28, 2022
    risk 0.47cvss 7.2epss 0.01

    The WP Review Slider WordPress plugin before 11.0 does not sanitise and escape the pid parameter when copying a Twitter source, which could allow a high privilege users to perform SQL Injections attacks

  • CVE-2022-0255HigFeb 21, 2022
    risk 0.47cvss 7.2epss 0.01

    The Database Backup for WordPress plugin before 2.5.1 does not properly sanitise and escape the fragment parameter before using it in a SQL statement in the admin dashboard, leading to a SQL injection issue

  • CVE-2022-0228HigFeb 21, 2022
    risk 0.47cvss 7.2epss 0.06

    The Popup Builder WordPress plugin before 4.0.7 does not validate and properly escape the orderby and order parameters before using them in a SQL statement in the admin dashboard, which could allow high privilege users to perform SQL injection

  • CVE-2021-4208HigFeb 21, 2022
    risk 0.47cvss 7.2epss 0.01

    The ExportFeed WordPress plugin through 2.0.1.0 does not sanitise and escape the product_id POST parameter before using it in a SQL statement, leading to a SQL injection vulnerability exploitable by high privilege users

  • CVE-2020-8242HigFeb 18, 2022
    risk 0.47cvss 7.2epss 0.01

    Unsanitized user input in ExpressionEngine <= 5.4.0 control panel member creation leads to an SQL injection. The user needs member creation/admin control panel access to execute the attack.

  • CVE-2021-4134HigFeb 16, 2022
    risk 0.47cvss 7.2epss 0.01

    The Fancy Product Designer WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the ID parameter found in the ~/inc/api/class-view.php file which allows attackers with administrative level permissions to inject arbitrary SQL…

  • CVE-2021-25045HigJan 24, 2022
    risk 0.47cvss 7.2epss 0.01

    The Asgaros Forum WordPress plugin before 1.15.15 does not validate or escape the forum_id parameter before using it in a SQL statement when editing a forum, leading to an SQL injection issue