CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Description
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7
CVEs mapped to this weakness (12,807)
page 310 of 641| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-24858 | Hig | 0.47 | 7.2 | 0.01 | Jan 24, 2022 | The Cookie Notification Plugin for WordPress plugin before 1.0.9 does not sanitise or escape the id GET parameter before using it in a SQL statement, when retrieving the setting to edit in the admin dashboard, leading to an authenticated SQL Injection | ||
| CVE-2021-25023 | Hig | 0.47 | 7.2 | 0.01 | Jan 3, 2022 | The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress plugin before 4.3.3.1 does not escape the sbp_convert_table_name parameter before using it in a SQL statement to convert the related table, leading to an SQL injection | ||
| CVE-2021-24753 | Hig | 0.47 | 7.2 | 0.01 | Dec 27, 2021 | The Rich Reviews by Starfish WordPress plugin before 1.9.6 does not properly validate the orderby GET parameter of the pending reviews page before using it in a SQL statement, leading to an authenticated SQL injection issue | ||
| CVE-2021-24861 | Hig | 0.47 | 7.2 | 0.01 | Dec 13, 2021 | The Quotes Collection WordPress plugin through 2.5.2 does not validate and escape the bulkcheck parameter before using it in a SQL statement, leading to a SQL injection | ||
| CVE-2021-24747 | Hig | 0.47 | 7.2 | 0.01 | Dec 13, 2021 | The SEO Booster WordPress plugin before 3.8 allows for authenticated SQL injection via the "fn_my_ajaxified_dataloader_ajax" AJAX request as the $_REQUEST['order'][0]['dir'] parameter is not properly escaped leading to blind and error-based SQL injections. | ||
| CVE-2021-40280 | Hig | 0.47 | 7.2 | 0.01 | Dec 9, 2021 | An SQL Injection vulnerablitly exits in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/dl_sendmail.php. | ||
| CVE-2021-40279 | Hig | 0.47 | 7.2 | 0.01 | Dec 9, 2021 | An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/bad.php. | ||
| CVE-2021-40861 | Hig | 0.47 | 7.2 | 0.02 | Dec 8, 2021 | A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution (IWD) 9.0.017.07 allows an attacker to execute arbitrary SQL queries via the value attribute, with which all data in the database can be extracted and OS command execution is… | ||
| CVE-2021-40860 | Hig | 0.47 | 7.2 | 0.02 | Dec 8, 2021 | A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution (IWD) before 9.0.013.11 allows an attacker to execute arbitrary SQL queries via the ql_expression parameter, with which all data in the database can be extracted and OS command… | ||
| CVE-2021-40578 | Hig | 0.47 | 7.2 | 0.01 | Dec 7, 2021 | Authenticated Blind & Error-based SQL injection vulnerability was discovered in Online Enrollment Management System in PHP and PayPal Free Source Code 1.0, that allows attackers to obtain sensitive information and execute arbitrary SQL commands via IDNO parameter. | ||
| CVE-2021-25784 | Hig | 0.47 | 7.2 | 0.01 | Dec 2, 2021 | Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Edit Article. | ||
| CVE-2021-25783 | Hig | 0.47 | 7.2 | 0.01 | Dec 2, 2021 | Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Article Search. | ||
| CVE-2020-35012 | Hig | 0.47 | 7.2 | 0.01 | Dec 1, 2021 | The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to an SQL Injection | ||
| CVE-2021-24889 | Hig | 0.47 | 7.2 | 0.01 | Nov 29, 2021 | The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields POST parameter, which could allow high privilege users to perform SQL injections attacks | ||
| CVE-2021-24860 | Hig | 0.47 | 7.2 | 0.01 | Nov 29, 2021 | The BSK PDF Manager WordPress plugin before 3.1.2 does not validate and escape the orderby and order parameters before using them in a SQL statement, leading to a SQL injection issue | ||
| CVE-2021-24877 | Hig | 0.47 | 7.2 | 0.01 | Nov 23, 2021 | The MainWP Child WordPress plugin before 4.1.8 does not validate the orderby and order parameter before using them in a SQL statement, leading to an SQL injection exploitable by high privilege users such as admin when the Backup and Staging by WP Time Capsule plugin is installed | ||
| CVE-2021-24844 | Hig | 0.47 | 7.2 | 0.01 | Nov 8, 2021 | The Affiliates Manager WordPress plugin before 2.8.7 does not validate the orderby parameter before using it in an SQL statement in the admin dashboard, leading to an SQL Injection issue | ||
| CVE-2021-24791 | Hig | 0.47 | 7.2 | 0.05 | Nov 8, 2021 | The Header Footer Code Manager WordPress plugin before 1.1.14 does not validate and escape the "orderby" and "order" request parameters before using them in a SQL statement when viewing the Snippets admin dashboard, leading to SQL injections | ||
| CVE-2021-24629 | Hig | 0.47 | 7.2 | 0.01 | Nov 8, 2021 | The Post Content XMLRPC WordPress plugin through 1.0 does not sanitise or escape multiple GET/POST parameters before using them in SQL statements in the admin dashboard, leading to an authenticated SQL Injections | ||
| CVE-2021-24628 | Hig | 0.47 | 7.2 | 0.01 | Nov 8, 2021 | The Wow Forms WordPress plugin through 3.1.3 does not sanitise or escape a 'did' GET parameter before using it in a SQL statement, when deleting a form in the admin dashboard, leading to an authenticated SQL injection |
- risk 0.47cvss 7.2epss 0.01
The Cookie Notification Plugin for WordPress plugin before 1.0.9 does not sanitise or escape the id GET parameter before using it in a SQL statement, when retrieving the setting to edit in the admin dashboard, leading to an authenticated SQL Injection
- risk 0.47cvss 7.2epss 0.01
The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress plugin before 4.3.3.1 does not escape the sbp_convert_table_name parameter before using it in a SQL statement to convert the related table, leading to an SQL injection
- risk 0.47cvss 7.2epss 0.01
The Rich Reviews by Starfish WordPress plugin before 1.9.6 does not properly validate the orderby GET parameter of the pending reviews page before using it in a SQL statement, leading to an authenticated SQL injection issue
- risk 0.47cvss 7.2epss 0.01
The Quotes Collection WordPress plugin through 2.5.2 does not validate and escape the bulkcheck parameter before using it in a SQL statement, leading to a SQL injection
- risk 0.47cvss 7.2epss 0.01
The SEO Booster WordPress plugin before 3.8 allows for authenticated SQL injection via the "fn_my_ajaxified_dataloader_ajax" AJAX request as the $_REQUEST['order'][0]['dir'] parameter is not properly escaped leading to blind and error-based SQL injections.
- risk 0.47cvss 7.2epss 0.01
An SQL Injection vulnerablitly exits in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/dl_sendmail.php.
- risk 0.47cvss 7.2epss 0.01
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in admin/bad.php.
- risk 0.47cvss 7.2epss 0.02
A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution (IWD) 9.0.017.07 allows an attacker to execute arbitrary SQL queries via the value attribute, with which all data in the database can be extracted and OS command execution is…
- risk 0.47cvss 7.2epss 0.02
A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution (IWD) before 9.0.013.11 allows an attacker to execute arbitrary SQL queries via the ql_expression parameter, with which all data in the database can be extracted and OS command…
- risk 0.47cvss 7.2epss 0.01
Authenticated Blind & Error-based SQL injection vulnerability was discovered in Online Enrollment Management System in PHP and PayPal Free Source Code 1.0, that allows attackers to obtain sensitive information and execute arbitrary SQL commands via IDNO parameter.
- risk 0.47cvss 7.2epss 0.01
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Edit Article.
- risk 0.47cvss 7.2epss 0.01
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function Article Search.
- risk 0.47cvss 7.2epss 0.01
The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to an SQL Injection
- risk 0.47cvss 7.2epss 0.01
The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields POST parameter, which could allow high privilege users to perform SQL injections attacks
- risk 0.47cvss 7.2epss 0.01
The BSK PDF Manager WordPress plugin before 3.1.2 does not validate and escape the orderby and order parameters before using them in a SQL statement, leading to a SQL injection issue
- risk 0.47cvss 7.2epss 0.01
The MainWP Child WordPress plugin before 4.1.8 does not validate the orderby and order parameter before using them in a SQL statement, leading to an SQL injection exploitable by high privilege users such as admin when the Backup and Staging by WP Time Capsule plugin is installed
- risk 0.47cvss 7.2epss 0.01
The Affiliates Manager WordPress plugin before 2.8.7 does not validate the orderby parameter before using it in an SQL statement in the admin dashboard, leading to an SQL Injection issue
- risk 0.47cvss 7.2epss 0.05
The Header Footer Code Manager WordPress plugin before 1.1.14 does not validate and escape the "orderby" and "order" request parameters before using them in a SQL statement when viewing the Snippets admin dashboard, leading to SQL injections
- risk 0.47cvss 7.2epss 0.01
The Post Content XMLRPC WordPress plugin through 1.0 does not sanitise or escape multiple GET/POST parameters before using them in SQL statements in the admin dashboard, leading to an authenticated SQL Injections
- risk 0.47cvss 7.2epss 0.01
The Wow Forms WordPress plugin through 3.1.3 does not sanitise or escape a 'did' GET parameter before using it in a SQL statement, when deleting a form in the admin dashboard, leading to an authenticated SQL injection