VYPR

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

BaseStableLikelihood: High

Description

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7

CVEs mapped to this weakness (12,807)

page 317 of 641
  • CVE-2019-9615HigMar 6, 2019
    risk 0.47cvss 7.2epss 0.01

    An issue was discovered in OFCMS before 1.1.3. It allows admin/system/generate/create?sql= SQL injection, related to SystemGenerateController.java.

  • CVE-2019-8422HigFeb 17, 2019
    risk 0.47cvss 7.2epss 0.01

    A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php.

  • CVE-2019-8421HigFeb 17, 2019
    risk 0.47cvss 7.2epss 0.01

    upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 allows SQL Injection via the title or titleAlias parameter.

  • CVE-2019-6708HigJan 23, 2019
    risk 0.47cvss 7.2epss 0.01

    PHPSHE 1.7 has SQL injection via the admin.php?mod=order state parameter.

  • CVE-2019-6707HigJan 23, 2019
    risk 0.47cvss 7.2epss 0.01

    PHPSHE 1.7 has SQL injection via the admin.php?mod=product&act=state product_id[] parameter.

  • CVE-2019-6691HigJan 23, 2019
    risk 0.47cvss 7.2epss 0.01

    phpwind 9.0.2.170426 UTF8 allows SQL Injection via the admin.php?m=backup&c=backup&a=doback tabledb[] parameter, related to the "--backup database" option.

  • CVE-2019-6127HigJan 11, 2019
    risk 0.47cvss 7.2epss 0.02

    An issue was discovered in XiaoCms 20141229. It allows admin/index.php?c=database table[] SQL injection. This can be used for PHP code execution via "INTO OUTFILE" with a .php filename.

  • CVE-2018-16175HigJan 9, 2019
    risk 0.47cvss 7.2epss 0.01

    SQL injection vulnerability in the LearnPress prior to version 3.1.0 allows attacker with administrator rights to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2018-1000630HigDec 28, 2018
    risk 0.47cvss 7.2epss 0.02

    Battelle V2I Hub 2.5.1 is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to /api/PluginStatusActions.php and /status/pluginStatus.php using the jtSorting or id parameter, which could allow the attacker to view, add,…

  • CVE-2018-7065HigDec 7, 2018
    risk 0.47cvss 7.2epss 0.01

    An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation. All versions of ClearPass are affected by multiple authenticated SQL injection vulnerabilities. In each case, an authenticated administrative user of any type could…

  • CVE-2018-19897HigDec 6, 2018
    risk 0.47cvss 7.2epss 0.01

    ThinkCMF X2.2.2 has SQL Injection via the function _listorders() in AdminbaseController.class.php and is exploitable with the manager privilege via the listorders[key][1] parameter in a Link listorders action.

  • CVE-2018-19896HigDec 6, 2018
    risk 0.47cvss 7.2epss 0.01

    ThinkCMF X2.2.2 has SQL Injection via the function delete() in SlideController.class.php and is exploitable with the manager privilege via the ids[] parameter in a slide action.

  • CVE-2018-19895HigDec 6, 2018
    risk 0.47cvss 7.2epss 0.01

    ThinkCMF X2.2.2 has SQL Injection via the function edit_post() in NavController.class.php and is exploitable with the manager privilege via the parentid parameter in a nav action.

  • CVE-2018-19894HigDec 6, 2018
    risk 0.47cvss 7.2epss 0.01

    ThinkCMF X2.2.2 has SQL Injection via the functions check() and delete() in CommentadminController.class.php and is exploitable with the manager privilege via the ids[] parameter in a commentadmin action.

  • CVE-2018-19436HigNov 22, 2018
    risk 0.47cvss 7.2epss 0.01

    An issue was discovered in the Manufacturing component in webERP 4.15. CollectiveWorkOrderCost.php has Blind SQL Injection via the SearchParts parameter.

  • CVE-2018-19435HigNov 22, 2018
    risk 0.47cvss 7.2epss 0.01

    An issue was discovered in the Sales component in webERP 4.15. SalesInquiry.php has SQL Injection via the SortBy parameter.

  • CVE-2018-19434HigNov 22, 2018
    risk 0.47cvss 7.2epss 0.01

    An issue was discovered on the "Bank Account Matching - Receipts" screen of the General Ledger component in webERP 4.15. BankMatching.php has Blind SQL injection via the AmtClear_ parameter.

  • CVE-2018-19349HigNov 17, 2018
    risk 0.47cvss 7.2epss 0.01

    In SeaCMS v6.64, there is SQL injection via the admin_makehtml.php topic parameter because of mishandling in include/mkhtml.func.php.

  • CVE-2018-18790HigOct 29, 2018
    risk 0.47cvss 7.2epss 0.01

    An issue was discovered in zzcms 8.3. SQL Injection exists in admin/special_add.php via a zxbigclassid cookie. (This needs an admin user login.)

  • CVE-2018-18788HigOct 29, 2018
    risk 0.47cvss 7.2epss 0.01

    An issue was discovered in zzcms 8.3. SQL Injection exists in admin/classmanage.php via the tablename parameter. (This needs an admin user login.)