VYPR

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

BaseStableLikelihood: High

Description

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7

CVEs mapped to this weakness (12,807)

page 311 of 641
  • CVE-2021-24627HigNov 8, 2021
    risk 0.47cvss 7.2epss 0.07

    The G Auto-Hyperlink WordPress plugin through 1.0.1 does not sanitise or escape an 'id' GET parameter before using it in a SQL statement, to select data to be displayed in the admin dashboard, leading to an authenticated SQL injection

  • CVE-2021-24625HigNov 8, 2021
    risk 0.47cvss 7.2epss 0.01

    The SpiderCatalog WordPress plugin through 1.7.3 does not sanitise or escape the 'parent' and 'ordering' parameters from the admin dashboard before using them in a SQL statement, leading to a SQL injection when adding a category

  • CVE-2021-24774HigOct 25, 2021
    risk 0.47cvss 7.2epss 0.01

    The Check & Log Email WordPress plugin before 1.0.3 does not validate and escape the "order" and "orderby" GET parameters before using them in a SQL statement when viewing logs, leading to SQL injections issues

  • CVE-2021-24769HigOct 25, 2021
    risk 0.47cvss 7.2epss 0.01

    The Permalink Manager Lite WordPress plugin before 2.2.13.1 does not validate and escape the orderby parameter before using it in a SQL statement in the Permalink Manager page, leading to a SQL Injection

  • CVE-2021-24662HigOct 25, 2021
    risk 0.47cvss 7.2epss 0.01

    The Game Server Status WordPress plugin through 1.0 does not validate or escape the server_id parameter before using it in SQL statement, leading to an Authenticated SQL Injection in an admin page

  • CVE-2020-23045HigOct 22, 2021
    risk 0.47cvss 7.2epss 0.01

    Macrob7 Macs Framework Content Management System - 1.14f was discovered to contain a SQL injection vulnerability via the 'roleId' parameter of the `editRole` and `deletUser` modules.

  • CVE-2021-24754HigOct 18, 2021
    risk 0.47cvss 7.2epss 0.01

    The MainWP Child Reports WordPress plugin before 2.0.8 does not validate or sanitise the order parameter before using it in a SQL statement in the admin dashboard, leading to an SQL injection issue

  • CVE-2021-41147HigOct 15, 2021
    risk 0.47cvss 7.2epss 0.02

    Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with admin rights in one agile dashboard…

  • CVE-2021-40992HigOct 15, 2021
    risk 0.47cvss 7.2epss 0.01

    A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released…

  • CVE-2021-33736HigOct 12, 2021
    risk 0.47cvss 7.2epss 0.01

    A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application.

  • CVE-2021-33735HigOct 12, 2021
    risk 0.47cvss 7.2epss 0.01

    A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). A privileged authenticated attacker could execute arbitrary commands in the local database by sending crafted requests to the webserver of the affected application.

  • CVE-2021-41947HigOct 8, 2021
    risk 0.47cvss 7.2epss 0.01

    A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode.

  • CVE-2020-21013HigOct 1, 2021
    risk 0.47cvss 7.2epss 0.01

    emlog v6.0.0 contains a SQL injection via /admin/comment.php.

  • CVE-2020-20692HigSep 27, 2021
    risk 0.47cvss 7.2epss 0.01

    GilaCMS v1.11.4 was discovered to contain a SQL injection vulnerability via the $_GET parameter in /src/core/controllers/cm.php.

  • CVE-2021-24511HigSep 20, 2021
    risk 0.47cvss 7.2epss 0.02

    The fetch_product_ajax functionality in the Product Feed on WooCommerce WordPress plugin before 3.3.1.0 uses a `product_id` POST parameter which is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.

  • CVE-2021-24403HigSep 20, 2021
    risk 0.47cvss 7.2epss 0.02

    The Orders functionality in the WordPress Page Contact plugin through 1.0 has an order_id parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. The feature is available to low privilege users such as contributors

  • CVE-2021-24402HigSep 20, 2021
    risk 0.47cvss 7.2epss 0.05

    The Orders functionality in the WP iCommerce WordPress plugin through 1.1.1 has an `order_id` parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. The feature is available to low privilege users such as contributors

  • CVE-2021-24401HigSep 20, 2021
    risk 0.47cvss 7.2epss 0.05

    The Edit domain functionality in the WP Domain Redirect WordPress plugin through 1.0 has an `editid` parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.

  • CVE-2021-24400HigSep 20, 2021
    risk 0.47cvss 7.2epss 0.02

    The Edit Role functionality in the Display Users WordPress plugin through 2.0.0 had an `id` parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.

  • CVE-2021-24399HigSep 20, 2021
    risk 0.47cvss 7.2epss 0.02

    The check_order function of The Sorter WordPress plugin through 1.0 uses an `area_id` parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.