VYPR

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

BaseStableLikelihood: High

Description

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7

CVEs mapped to this weakness (12,807)

page 315 of 641
  • CVE-2015-2062HigFeb 8, 2020
    risk 0.47cvss 7.2epss 0.02

    Multiple SQL injection vulnerabilities in the Huge-IT Slider (slider-image) plugin before 2.7.0 for WordPress allow remote administrators to execute arbitrary SQL commands via the removeslide parameter in a popup_posts or edit_cat action in the sliders_huge_it_slider page to…

  • CVE-2019-15985HigJan 6, 2020
    risk 0.47cvss 7.2epss 0.03

    Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administrative…

  • CVE-2019-20337HigJan 5, 2020
    risk 0.47cvss 7.2epss 0.01

    In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id parameter is vulnerable to SQL Injection.

  • CVE-2019-19732HigDec 30, 2019
    risk 0.47cvss 7.2epss 0.01

    translation_manage_text.ajax.php and various *_manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.3 directly insert values from the aSortDir_0 and/or sSortDir_0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically…

  • CVE-2019-6012HigDec 26, 2019
    risk 0.47cvss 7.2epss 0.01

    SQL injection vulnerability in the wpDataTables Lite Version 2.0.11 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2019-19850HigDec 17, 2019
    risk 0.47cvss 7.2epss 0.01

    An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. Because escaping of user-submitted content is mishandled, the class QueryGenerator is vulnerable to SQL injection. Exploitation requires having the system extension ext:lowlevel installed,…

  • CVE-2019-18646HigNov 14, 2019
    risk 0.47cvss 7.2epss 0.01

    The Untangle NG firewall 14.2.0 is vulnerable to authenticated inline-query SQL injection within the timeDataDynamicColumn parameter when logged in as an admin user.

  • CVE-2019-17612HigOct 15, 2019
    risk 0.47cvss 7.2epss 0.01

    An issue was discovered in 74CMS v5.2.8. There is a SQL Injection generated by the _list method in the Common/Controller/BackendController.class.php file via the index.php?m=Admin&c=Ad&a=category sort parameter.

  • CVE-2015-9462HigOct 10, 2019
    risk 0.47cvss 7.2epss 0.02

    The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_category_page SQL injection via the cat_id parameter.

  • CVE-2015-9461HigOct 10, 2019
    risk 0.47cvss 7.2epss 0.02

    The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_portfolio_item_page SQL injection via the item_id parameter.

  • CVE-2015-9458HigOct 10, 2019
    risk 0.47cvss 7.2epss 0.02

    The searchterms-tagging-2 plugin through 1.535 for WordPress has SQL injection via the pk_stt2_db_get_popular_terms count parameter exploitable via CSRF.

  • CVE-2015-9457HigOct 10, 2019
    risk 0.47cvss 7.2epss 0.02

    The pretty-link plugin before 1.6.8 for WordPress has PrliLinksController::list_links SQL injection via the group parameter.

  • CVE-2019-17419HigOct 10, 2019
    risk 0.47cvss 7.2epss 0.01

    An issue was discovered in MetInfo 7.0. There is SQL injection via the admin/?n=user&c=admin_user&a=doGetUserInfo id parameter.

  • CVE-2019-17370HigOct 9, 2019
    risk 0.47cvss 7.2epss 0.02

    OTCMS v3.85 allows arbitrary PHP Code Execution because admin/sysCheckFile_deal.php blocks "into outfile" in a SELECT statement, but does not block the "into/**/outfile" manipulation. Therefore, the attacker can create a .php file.

  • CVE-2019-17292HigOct 7, 2019
    risk 0.47cvss 7.2epss 0.01

    SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by an Admin user.

  • CVE-2015-9449HigSep 26, 2019
    risk 0.47cvss 7.2epss 0.02

    The microblog-poster plugin before 1.6.2 for WordPress has SQL Injection via the wp-admin/options-general.php?page=microblogposter.php account_id parameter.

  • CVE-2015-9399HigSep 20, 2019
    risk 0.47cvss 7.2epss 0.02

    The wp-stats-dashboard plugin through 2.9.4 for WordPress has admin/graph_trend.php type SQL injection.

  • CVE-2019-4147HigSep 16, 2019
    risk 0.47cvss 7.2epss 0.01

    IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 158413.

  • CVE-2016-10951HigSep 13, 2019
    risk 0.47cvss 7.2epss 0.02

    The fs-shopping-cart plugin 2.07.02 for WordPress has SQL injection via the pid parameter.

  • CVE-2016-10947HigSep 13, 2019
    risk 0.47cvss 7.2epss 0.02

    The Post Indexer plugin before 3.0.6.2 for WordPress has SQL injection via the period parameter by a super admin.