CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Description
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7
CVEs mapped to this weakness (12,807)
page 317 of 641| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-9615 | Hig | 0.47 | 7.2 | 0.01 | Mar 6, 2019 | An issue was discovered in OFCMS before 1.1.3. It allows admin/system/generate/create?sql= SQL injection, related to SystemGenerateController.java. | ||
| CVE-2019-8422 | Hig | 0.47 | 7.2 | 0.01 | Feb 17, 2019 | A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php. | ||
| CVE-2019-8421 | Hig | 0.47 | 7.2 | 0.01 | Feb 17, 2019 | upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 allows SQL Injection via the title or titleAlias parameter. | ||
| CVE-2019-6708 | Hig | 0.47 | 7.2 | 0.01 | Jan 23, 2019 | PHPSHE 1.7 has SQL injection via the admin.php?mod=order state parameter. | ||
| CVE-2019-6707 | Hig | 0.47 | 7.2 | 0.01 | Jan 23, 2019 | PHPSHE 1.7 has SQL injection via the admin.php?mod=product&act=state product_id[] parameter. | ||
| CVE-2019-6691 | Hig | 0.47 | 7.2 | 0.01 | Jan 23, 2019 | phpwind 9.0.2.170426 UTF8 allows SQL Injection via the admin.php?m=backup&c=backup&a=doback tabledb[] parameter, related to the "--backup database" option. | ||
| CVE-2019-6127 | Hig | 0.47 | 7.2 | 0.02 | Jan 11, 2019 | An issue was discovered in XiaoCms 20141229. It allows admin/index.php?c=database table[] SQL injection. This can be used for PHP code execution via "INTO OUTFILE" with a .php filename. | ||
| CVE-2018-16175 | Hig | 0.47 | 7.2 | 0.01 | Jan 9, 2019 | SQL injection vulnerability in the LearnPress prior to version 3.1.0 allows attacker with administrator rights to execute arbitrary SQL commands via unspecified vectors. | ||
| CVE-2018-1000630 | Hig | 0.47 | 7.2 | 0.02 | Dec 28, 2018 | Battelle V2I Hub 2.5.1 is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to /api/PluginStatusActions.php and /status/pluginStatus.php using the jtSorting or id parameter, which could allow the attacker to view, add,… | ||
| CVE-2018-7065 | Hig | 0.47 | 7.2 | 0.01 | Dec 7, 2018 | An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation. All versions of ClearPass are affected by multiple authenticated SQL injection vulnerabilities. In each case, an authenticated administrative user of any type could… | ||
| CVE-2018-19897 | Hig | 0.47 | 7.2 | 0.01 | Dec 6, 2018 | ThinkCMF X2.2.2 has SQL Injection via the function _listorders() in AdminbaseController.class.php and is exploitable with the manager privilege via the listorders[key][1] parameter in a Link listorders action. | ||
| CVE-2018-19896 | Hig | 0.47 | 7.2 | 0.01 | Dec 6, 2018 | ThinkCMF X2.2.2 has SQL Injection via the function delete() in SlideController.class.php and is exploitable with the manager privilege via the ids[] parameter in a slide action. | ||
| CVE-2018-19895 | Hig | 0.47 | 7.2 | 0.01 | Dec 6, 2018 | ThinkCMF X2.2.2 has SQL Injection via the function edit_post() in NavController.class.php and is exploitable with the manager privilege via the parentid parameter in a nav action. | ||
| CVE-2018-19894 | Hig | 0.47 | 7.2 | 0.01 | Dec 6, 2018 | ThinkCMF X2.2.2 has SQL Injection via the functions check() and delete() in CommentadminController.class.php and is exploitable with the manager privilege via the ids[] parameter in a commentadmin action. | ||
| CVE-2018-19436 | Hig | 0.47 | 7.2 | 0.01 | Nov 22, 2018 | An issue was discovered in the Manufacturing component in webERP 4.15. CollectiveWorkOrderCost.php has Blind SQL Injection via the SearchParts parameter. | ||
| CVE-2018-19435 | Hig | 0.47 | 7.2 | 0.01 | Nov 22, 2018 | An issue was discovered in the Sales component in webERP 4.15. SalesInquiry.php has SQL Injection via the SortBy parameter. | ||
| CVE-2018-19434 | Hig | 0.47 | 7.2 | 0.01 | Nov 22, 2018 | An issue was discovered on the "Bank Account Matching - Receipts" screen of the General Ledger component in webERP 4.15. BankMatching.php has Blind SQL injection via the AmtClear_ parameter. | ||
| CVE-2018-19349 | Hig | 0.47 | 7.2 | 0.01 | Nov 17, 2018 | In SeaCMS v6.64, there is SQL injection via the admin_makehtml.php topic parameter because of mishandling in include/mkhtml.func.php. | ||
| CVE-2018-18790 | Hig | 0.47 | 7.2 | 0.01 | Oct 29, 2018 | An issue was discovered in zzcms 8.3. SQL Injection exists in admin/special_add.php via a zxbigclassid cookie. (This needs an admin user login.) | ||
| CVE-2018-18788 | Hig | 0.47 | 7.2 | 0.01 | Oct 29, 2018 | An issue was discovered in zzcms 8.3. SQL Injection exists in admin/classmanage.php via the tablename parameter. (This needs an admin user login.) |
- risk 0.47cvss 7.2epss 0.01
An issue was discovered in OFCMS before 1.1.3. It allows admin/system/generate/create?sql= SQL injection, related to SystemGenerateController.java.
- risk 0.47cvss 7.2epss 0.01
A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php.
- risk 0.47cvss 7.2epss 0.01
upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 allows SQL Injection via the title or titleAlias parameter.
- risk 0.47cvss 7.2epss 0.01
PHPSHE 1.7 has SQL injection via the admin.php?mod=order state parameter.
- risk 0.47cvss 7.2epss 0.01
PHPSHE 1.7 has SQL injection via the admin.php?mod=product&act=state product_id[] parameter.
- risk 0.47cvss 7.2epss 0.01
phpwind 9.0.2.170426 UTF8 allows SQL Injection via the admin.php?m=backup&c=backup&a=doback tabledb[] parameter, related to the "--backup database" option.
- risk 0.47cvss 7.2epss 0.02
An issue was discovered in XiaoCms 20141229. It allows admin/index.php?c=database table[] SQL injection. This can be used for PHP code execution via "INTO OUTFILE" with a .php filename.
- risk 0.47cvss 7.2epss 0.01
SQL injection vulnerability in the LearnPress prior to version 3.1.0 allows attacker with administrator rights to execute arbitrary SQL commands via unspecified vectors.
- risk 0.47cvss 7.2epss 0.02
Battelle V2I Hub 2.5.1 is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to /api/PluginStatusActions.php and /status/pluginStatus.php using the jtSorting or id parameter, which could allow the attacker to view, add,…
- risk 0.47cvss 7.2epss 0.01
An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation. All versions of ClearPass are affected by multiple authenticated SQL injection vulnerabilities. In each case, an authenticated administrative user of any type could…
- risk 0.47cvss 7.2epss 0.01
ThinkCMF X2.2.2 has SQL Injection via the function _listorders() in AdminbaseController.class.php and is exploitable with the manager privilege via the listorders[key][1] parameter in a Link listorders action.
- risk 0.47cvss 7.2epss 0.01
ThinkCMF X2.2.2 has SQL Injection via the function delete() in SlideController.class.php and is exploitable with the manager privilege via the ids[] parameter in a slide action.
- risk 0.47cvss 7.2epss 0.01
ThinkCMF X2.2.2 has SQL Injection via the function edit_post() in NavController.class.php and is exploitable with the manager privilege via the parentid parameter in a nav action.
- risk 0.47cvss 7.2epss 0.01
ThinkCMF X2.2.2 has SQL Injection via the functions check() and delete() in CommentadminController.class.php and is exploitable with the manager privilege via the ids[] parameter in a commentadmin action.
- risk 0.47cvss 7.2epss 0.01
An issue was discovered in the Manufacturing component in webERP 4.15. CollectiveWorkOrderCost.php has Blind SQL Injection via the SearchParts parameter.
- risk 0.47cvss 7.2epss 0.01
An issue was discovered in the Sales component in webERP 4.15. SalesInquiry.php has SQL Injection via the SortBy parameter.
- risk 0.47cvss 7.2epss 0.01
An issue was discovered on the "Bank Account Matching - Receipts" screen of the General Ledger component in webERP 4.15. BankMatching.php has Blind SQL injection via the AmtClear_ parameter.
- risk 0.47cvss 7.2epss 0.01
In SeaCMS v6.64, there is SQL injection via the admin_makehtml.php topic parameter because of mishandling in include/mkhtml.func.php.
- risk 0.47cvss 7.2epss 0.01
An issue was discovered in zzcms 8.3. SQL Injection exists in admin/special_add.php via a zxbigclassid cookie. (This needs an admin user login.)
- risk 0.47cvss 7.2epss 0.01
An issue was discovered in zzcms 8.3. SQL Injection exists in admin/classmanage.php via the tablename parameter. (This needs an admin user login.)