VYPR

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

BaseStableLikelihood: High

Description

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7

CVEs mapped to this weakness (12,807)

page 314 of 641
  • CVE-2020-35708HigDec 25, 2020
    risk 0.47cvss 7.2epss 0.01

    phpList 3.5.9 allows SQL injection by admins who provide a crafted fourth line of a file to the "Config - Import Administrators" page.

  • CVE-2020-25608HigDec 18, 2020
    risk 0.47cvss 7.2epss 0.01

    The SAS portal of Mitel MiCollab before 9.2 could allow an attacker to access user credentials due to improper input validation, aka SQL Injection.

  • CVE-2019-19286HigDec 14, 2020
    risk 0.47cvss 7.2epss 0.01

    A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow SQL injection attacks if an attacker is able to modify content of particular web pages.

  • CVE-2020-35382HigDec 14, 2020
    risk 0.47cvss 7.2epss 0.01

    SQL Injection in Classbooking before 2.4.1 via the username field of a CSV file when adding a new user.

  • CVE-2020-21667HigNov 13, 2020
    risk 0.47cvss 7.2epss 0.01

    In fastadmin-tp6 v1.0, in the file app/admin/controller/Ajax.php the 'table' parameter passed is not filtered so a malicious parameter can be passed for SQL injection.

  • CVE-2020-26805HigNov 12, 2020
    risk 0.47cvss 7.2epss 0.01

    In Sentrifugo 3.2, admin can edit employee's informations via this endpoint --> /sentrifugo/index.php/empadditionaldetails/edit/userid/2. In this POST request, "employeeNumId" parameter is affected by SQLi vulnerability. Attacker can inject SQL commands into query, read data…

  • CVE-2020-15849HigSep 30, 2020
    risk 0.47cvss 7.2epss 0.03

    Re:Desk 2.3 has a blind authenticated SQL injection vulnerability in the SettingsController class, in the actionEmailTemplates() method. A malicious actor with access to an administrative account could abuse this vulnerability to recover sensitive data from the application's…

  • CVE-2020-24593HigSep 25, 2020
    risk 0.47cvss 7.2epss 0.01

    Mitel MiCloud Management Portal before 6.1 SP5 could allow a remote attacker to conduct a SQL Injection attack and access user credentials due to improper input validation.

  • CVE-2020-6114HigJul 10, 2020
    risk 0.47cvss 7.2epss 0.02

    An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to…

  • CVE-2020-15308HigJun 26, 2020
    risk 0.47cvss 7.2epss 0.01

    Support Incident Tracker (aka SiT! or SiTracker) 3.67 p2 allows post-authentication SQL injection via the site_edit.php typeid or site parameter, the search_incidents_advanced.php search_title parameter, or the report_qbe.php criteriafield parameter.

  • CVE-2020-14960HigJun 22, 2020
    risk 0.47cvss 7.2epss 0.02

    A SQL injection vulnerability in PHP-Fusion 9.03.50 affects the endpoint administration/comments.php via the ctype parameter,

  • CVE-2019-20842HigJun 19, 2020
    risk 0.47cvss 7.2epss 0.01

    An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There is SQL injection by admins via SearchAllChannels.

  • CVE-2020-3184HigMay 22, 2020
    risk 0.47cvss 7.2epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface…

  • CVE-2020-6253HigMay 12, 2020
    risk 0.47cvss 7.2epss 0.01

    Under certain conditions, SAP Adaptive Server Enterprise (Web Services), versions 15.7, 16.0, allows an authenticated user to execute crafted database queries to elevate their privileges, modify database objects, or execute commands they are not otherwise authorized to execute,…

  • CVE-2015-7342HigMar 9, 2020
    risk 0.47cvss 7.2epss 0.01

    JNews Joomla Component before 8.5.0 allows SQL injection via upload thumbnail, Queue Search Field, Subscribers Search Field, or Newsletters Search Field.

  • CVE-2015-7340HigMar 9, 2020
    risk 0.47cvss 7.2epss 0.01

    JEvents Joomla Component before 3.4.0 RC6 has SQL Injection via evid in a Manage Events action.

  • CVE-2015-7338HigMar 9, 2020
    risk 0.47cvss 7.2epss 0.01

    SQL Injection exists in AcyMailing Joomla Component before 4.9.5 via exportgeolocorder in a geolocation_longitude request to index.php.

  • CVE-2020-9340HigFeb 22, 2020
    risk 0.47cvss 7.2epss 0.01

    fauzantrif eLection 2.0 has SQL Injection via the admin/ajax/op_kandidat.php id parameter.

  • CVE-2020-9318HigFeb 20, 2020
    risk 0.47cvss 7.2epss 0.01

    Red Gate SQL Monitor 9.0.13 through 9.2.14 allows an administrative user to perform a SQL injection attack by configuring the SNMP alert settings in the UI. This is fixed in 9.2.15.

  • CVE-2020-9269HigFeb 18, 2020
    risk 0.47cvss 7.2epss 0.02

    SOPlanning 1.45 is vulnerable to authenticated SQL Injection that leads to command execution via the users parameter, as demonstrated by export_ical.php.