CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Description
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7
CVEs mapped to this weakness (12,807)
page 314 of 641| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-35708 | Hig | 0.47 | 7.2 | 0.01 | Dec 25, 2020 | phpList 3.5.9 allows SQL injection by admins who provide a crafted fourth line of a file to the "Config - Import Administrators" page. | ||
| CVE-2020-25608 | Hig | 0.47 | 7.2 | 0.01 | Dec 18, 2020 | The SAS portal of Mitel MiCollab before 9.2 could allow an attacker to access user credentials due to improper input validation, aka SQL Injection. | ||
| CVE-2019-19286 | Hig | 0.47 | 7.2 | 0.01 | Dec 14, 2020 | A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow SQL injection attacks if an attacker is able to modify content of particular web pages. | ||
| CVE-2020-35382 | Hig | 0.47 | 7.2 | 0.01 | Dec 14, 2020 | SQL Injection in Classbooking before 2.4.1 via the username field of a CSV file when adding a new user. | ||
| CVE-2020-21667 | Hig | 0.47 | 7.2 | 0.01 | Nov 13, 2020 | In fastadmin-tp6 v1.0, in the file app/admin/controller/Ajax.php the 'table' parameter passed is not filtered so a malicious parameter can be passed for SQL injection. | ||
| CVE-2020-26805 | Hig | 0.47 | 7.2 | 0.01 | Nov 12, 2020 | In Sentrifugo 3.2, admin can edit employee's informations via this endpoint --> /sentrifugo/index.php/empadditionaldetails/edit/userid/2. In this POST request, "employeeNumId" parameter is affected by SQLi vulnerability. Attacker can inject SQL commands into query, read data… | ||
| CVE-2020-15849 | Hig | 0.47 | 7.2 | 0.03 | Sep 30, 2020 | Re:Desk 2.3 has a blind authenticated SQL injection vulnerability in the SettingsController class, in the actionEmailTemplates() method. A malicious actor with access to an administrative account could abuse this vulnerability to recover sensitive data from the application's… | ||
| CVE-2020-24593 | Hig | 0.47 | 7.2 | 0.01 | Sep 25, 2020 | Mitel MiCloud Management Portal before 6.1 SP5 could allow a remote attacker to conduct a SQL Injection attack and access user credentials due to improper input validation. | ||
| CVE-2020-6114 | Hig | 0.47 | 7.2 | 0.02 | Jul 10, 2020 | An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to… | ||
| CVE-2020-15308 | Hig | 0.47 | 7.2 | 0.01 | Jun 26, 2020 | Support Incident Tracker (aka SiT! or SiTracker) 3.67 p2 allows post-authentication SQL injection via the site_edit.php typeid or site parameter, the search_incidents_advanced.php search_title parameter, or the report_qbe.php criteriafield parameter. | ||
| CVE-2020-14960 | Hig | 0.47 | 7.2 | 0.02 | Jun 22, 2020 | A SQL injection vulnerability in PHP-Fusion 9.03.50 affects the endpoint administration/comments.php via the ctype parameter, | ||
| CVE-2019-20842 | Hig | 0.47 | 7.2 | 0.01 | Jun 19, 2020 | An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There is SQL injection by admins via SearchAllChannels. | ||
| CVE-2020-3184 | Hig | 0.47 | 7.2 | 0.01 | May 22, 2020 | A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface… | ||
| CVE-2020-6253 | Hig | 0.47 | 7.2 | 0.01 | May 12, 2020 | Under certain conditions, SAP Adaptive Server Enterprise (Web Services), versions 15.7, 16.0, allows an authenticated user to execute crafted database queries to elevate their privileges, modify database objects, or execute commands they are not otherwise authorized to execute,… | ||
| CVE-2015-7342 | Hig | 0.47 | 7.2 | 0.01 | Mar 9, 2020 | JNews Joomla Component before 8.5.0 allows SQL injection via upload thumbnail, Queue Search Field, Subscribers Search Field, or Newsletters Search Field. | ||
| CVE-2015-7340 | Hig | 0.47 | 7.2 | 0.01 | Mar 9, 2020 | JEvents Joomla Component before 3.4.0 RC6 has SQL Injection via evid in a Manage Events action. | ||
| CVE-2015-7338 | Hig | 0.47 | 7.2 | 0.01 | Mar 9, 2020 | SQL Injection exists in AcyMailing Joomla Component before 4.9.5 via exportgeolocorder in a geolocation_longitude request to index.php. | ||
| CVE-2020-9340 | Hig | 0.47 | 7.2 | 0.01 | Feb 22, 2020 | fauzantrif eLection 2.0 has SQL Injection via the admin/ajax/op_kandidat.php id parameter. | ||
| CVE-2020-9318 | Hig | 0.47 | 7.2 | 0.01 | Feb 20, 2020 | Red Gate SQL Monitor 9.0.13 through 9.2.14 allows an administrative user to perform a SQL injection attack by configuring the SNMP alert settings in the UI. This is fixed in 9.2.15. | ||
| CVE-2020-9269 | Hig | 0.47 | 7.2 | 0.02 | Feb 18, 2020 | SOPlanning 1.45 is vulnerable to authenticated SQL Injection that leads to command execution via the users parameter, as demonstrated by export_ical.php. |
- risk 0.47cvss 7.2epss 0.01
phpList 3.5.9 allows SQL injection by admins who provide a crafted fourth line of a file to the "Config - Import Administrators" page.
- risk 0.47cvss 7.2epss 0.01
The SAS portal of Mitel MiCollab before 9.2 could allow an attacker to access user credentials due to improper input validation, aka SQL Injection.
- risk 0.47cvss 7.2epss 0.01
A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow SQL injection attacks if an attacker is able to modify content of particular web pages.
- risk 0.47cvss 7.2epss 0.01
SQL Injection in Classbooking before 2.4.1 via the username field of a CSV file when adding a new user.
- risk 0.47cvss 7.2epss 0.01
In fastadmin-tp6 v1.0, in the file app/admin/controller/Ajax.php the 'table' parameter passed is not filtered so a malicious parameter can be passed for SQL injection.
- risk 0.47cvss 7.2epss 0.01
In Sentrifugo 3.2, admin can edit employee's informations via this endpoint --> /sentrifugo/index.php/empadditionaldetails/edit/userid/2. In this POST request, "employeeNumId" parameter is affected by SQLi vulnerability. Attacker can inject SQL commands into query, read data…
- risk 0.47cvss 7.2epss 0.03
Re:Desk 2.3 has a blind authenticated SQL injection vulnerability in the SettingsController class, in the actionEmailTemplates() method. A malicious actor with access to an administrative account could abuse this vulnerability to recover sensitive data from the application's…
- risk 0.47cvss 7.2epss 0.01
Mitel MiCloud Management Portal before 6.1 SP5 could allow a remote attacker to conduct a SQL Injection attack and access user credentials due to improper input validation.
- risk 0.47cvss 7.2epss 0.02
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to…
- risk 0.47cvss 7.2epss 0.01
Support Incident Tracker (aka SiT! or SiTracker) 3.67 p2 allows post-authentication SQL injection via the site_edit.php typeid or site parameter, the search_incidents_advanced.php search_title parameter, or the report_qbe.php criteriafield parameter.
- risk 0.47cvss 7.2epss 0.02
A SQL injection vulnerability in PHP-Fusion 9.03.50 affects the endpoint administration/comments.php via the ctype parameter,
- risk 0.47cvss 7.2epss 0.01
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There is SQL injection by admins via SearchAllChannels.
- risk 0.47cvss 7.2epss 0.01
A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface…
- risk 0.47cvss 7.2epss 0.01
Under certain conditions, SAP Adaptive Server Enterprise (Web Services), versions 15.7, 16.0, allows an authenticated user to execute crafted database queries to elevate their privileges, modify database objects, or execute commands they are not otherwise authorized to execute,…
- risk 0.47cvss 7.2epss 0.01
JNews Joomla Component before 8.5.0 allows SQL injection via upload thumbnail, Queue Search Field, Subscribers Search Field, or Newsletters Search Field.
- risk 0.47cvss 7.2epss 0.01
JEvents Joomla Component before 3.4.0 RC6 has SQL Injection via evid in a Manage Events action.
- risk 0.47cvss 7.2epss 0.01
SQL Injection exists in AcyMailing Joomla Component before 4.9.5 via exportgeolocorder in a geolocation_longitude request to index.php.
- risk 0.47cvss 7.2epss 0.01
fauzantrif eLection 2.0 has SQL Injection via the admin/ajax/op_kandidat.php id parameter.
- risk 0.47cvss 7.2epss 0.01
Red Gate SQL Monitor 9.0.13 through 9.2.14 allows an administrative user to perform a SQL injection attack by configuring the SNMP alert settings in the UI. This is fixed in 9.2.15.
- risk 0.47cvss 7.2epss 0.02
SOPlanning 1.45 is vulnerable to authenticated SQL Injection that leads to command execution via the users parameter, as demonstrated by export_ical.php.