CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Description
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7
CVEs mapped to this weakness (12,807)
page 324 of 641| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-10692 | Hig | 0.46 | — | 0.00 | Oct 3, 2025 | The endpoint POST /api/staff/get-new-tickets concatenates the user-controlled parameter departmentId directly into the SQL WHERE clause without parameter binding. As a result, an authenticated staff user (level ≥ 1) can inject SQL to alter the filter logic, effectively… | ||
| CVE-2025-50383 | Hig | 0.46 | 8.1 | 0.00 | Aug 25, 2025 | alextselegidis Easy!Appointments v1.5.1 was discovered to contain a SQL injection vulnerability via the order_by parameter. | ||
| CVE-2025-45346 | — | Hig | 0.46 | 8.1 | 0.01 | Jul 29, 2025 | SQL Injection vulnerability in Bacula-web before v.9.7.1 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request. | |
| CVE-2025-37104 | Hig | 0.46 | 7.1 | 0.00 | Jul 16, 2025 | A security vulnerability has been identified in HPE Telco Service Orchestrator software. The vulnerability could allow authenticated clients to to perform a SQL Injection attack when sending a service request, and potentially exfiltrate the database's vendor name to unauthorized… | ||
| CVE-2025-3751 | Hig | 0.46 | — | 0.00 | May 21, 2025 | The component listed above contains a vulnerability that can be exploited by an attacker to perform a SQL Injection attack. This could lead to unauthorised access to the database and exposure of sensitive information | ||
| CVE-2024-54447 | Hig | 0.46 | — | 0.00 | Mar 14, 2025 | Saved search functionality contains a blind SQL injection that can be exploited by authenticated attackers. Using a time-based blind SQLi technique the attacker can disclose all database contents. Account takeover is a potential outcome depending on the presence or lack thereof… | ||
| CVE-2024-54446 | Hig | 0.46 | — | 0.00 | Mar 14, 2025 | Document history functionality contains a blind SQL injection that can be exploited by authenticated attackers. Using a time-based blind SQLi technique the attacker can disclose all database contents. Account takeover is a potential outcome depending on the presence or lack… | ||
| CVE-2025-26533 | Hig | 0.46 | 8.1 | 0.00 | Feb 24, 2025 | An SQL injection risk was identified in the module list filter within course search. | ||
| CVE-2025-22976 | Hig | 0.46 | 7.1 | 0.00 | Jan 15, 2025 | SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a local attacker to execute arbitrary code via not filtering the content correctly at the "checkOrder.php" shopId module. | ||
| CVE-2024-36263 | Hig | 0.46 | 8.1 | 0.01 | Jun 12, 2024 | ** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: all versions. As this project is retired, we do not plan to… | ||
| CVE-2024-32655 | Hig | 0.46 | 8.1 | 0.02 | May 14, 2024 | Npgsql is the .NET data provider for PostgreSQL. The `WriteBind()` method in `src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs` uses `int` variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths… | ||
| CVE-2024-28816 | Hig | 0.46 | 7.1 | 0.00 | Mar 11, 2024 | Student Information Chatbot a0196ab allows SQL injection via the username to the login function in index.php. | ||
| CVE-2024-27289 | Hig | 0.46 | 8.1 | 0.01 | Mar 6, 2024 | pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a… | ||
| CVE-2023-28788 | Hig | 0.46 | 7.1 | 0.01 | Dec 20, 2023 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for… | ||
| CVE-2023-25990 | Hig | 0.46 | 7.1 | 0.01 | Nov 3, 2023 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10. | ||
| CVE-2023-26015 | Hig | 0.46 | 7.1 | 0.01 | Nov 3, 2023 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Chris Richardson MapPress Maps for WordPress mappress-google-maps-for-wordpress allows SQL Injection.This issue affects MapPress Maps for WordPress: from n/a through 2.85.4. | ||
| CVE-2023-35782 | — | Hig | 0.46 | 8.2 | 0.01 | Jun 16, 2023 | The ipandlanguageredirect extension before 5.1.2 for TYPO3 allows SQL Injection. | |
| CVE-2023-33967 | Hig | 0.46 | 8.2 | 0.01 | May 31, 2023 | EaseProbe is a tool that can do health/status checking. An SQL injection issue was discovered in EaseProbe before 2.1.0 when using MySQL/PostgreSQL data checking. This problem has been fixed in v2.1.0. | ||
| CVE-2022-24691 | Hig | 0.46 | 7.1 | 0.01 | Jul 18, 2022 | An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. A SQL Injection vulnerability allows authenticated users to taint database data and extract sensitive information via crafted HTTP requests. The type of SQL Injection is blind boolean based. | ||
| CVE-2022-24815 | Hig | 0.46 | 8.1 | 0.01 | Apr 11, 2022 | JHipster is a development platform to quickly generate, develop, & deploy modern web applications & microservice architectures. SQL Injection vulnerability in entities for applications generated with the option "reactive with Spring WebFlux" enabled and an SQL database using… |
- risk 0.46cvss —epss 0.00
The endpoint POST /api/staff/get-new-tickets concatenates the user-controlled parameter departmentId directly into the SQL WHERE clause without parameter binding. As a result, an authenticated staff user (level ≥ 1) can inject SQL to alter the filter logic, effectively…
- risk 0.46cvss 8.1epss 0.00
alextselegidis Easy!Appointments v1.5.1 was discovered to contain a SQL injection vulnerability via the order_by parameter.
- risk 0.46cvss 8.1epss 0.01
SQL Injection vulnerability in Bacula-web before v.9.7.1 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request.
- risk 0.46cvss 7.1epss 0.00
A security vulnerability has been identified in HPE Telco Service Orchestrator software. The vulnerability could allow authenticated clients to to perform a SQL Injection attack when sending a service request, and potentially exfiltrate the database's vendor name to unauthorized…
- risk 0.46cvss —epss 0.00
The component listed above contains a vulnerability that can be exploited by an attacker to perform a SQL Injection attack. This could lead to unauthorised access to the database and exposure of sensitive information
- risk 0.46cvss —epss 0.00
Saved search functionality contains a blind SQL injection that can be exploited by authenticated attackers. Using a time-based blind SQLi technique the attacker can disclose all database contents. Account takeover is a potential outcome depending on the presence or lack thereof…
- risk 0.46cvss —epss 0.00
Document history functionality contains a blind SQL injection that can be exploited by authenticated attackers. Using a time-based blind SQLi technique the attacker can disclose all database contents. Account takeover is a potential outcome depending on the presence or lack…
- risk 0.46cvss 8.1epss 0.00
An SQL injection risk was identified in the module list filter within course search.
- risk 0.46cvss 7.1epss 0.00
SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a local attacker to execute arbitrary code via not filtering the content correctly at the "checkOrder.php" shopId module.
- risk 0.46cvss 8.1epss 0.01
** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: all versions. As this project is retired, we do not plan to…
- risk 0.46cvss 8.1epss 0.02
Npgsql is the .NET data provider for PostgreSQL. The `WriteBind()` method in `src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs` uses `int` variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths…
- risk 0.46cvss 7.1epss 0.00
Student Information Chatbot a0196ab allows SQL injection via the username to the login function in index.php.
- risk 0.46cvss 8.1epss 0.01
pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a…
- risk 0.46cvss 7.1epss 0.01
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for…
- risk 0.46cvss 7.1epss 0.01
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10.
- risk 0.46cvss 7.1epss 0.01
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Chris Richardson MapPress Maps for WordPress mappress-google-maps-for-wordpress allows SQL Injection.This issue affects MapPress Maps for WordPress: from n/a through 2.85.4.
- risk 0.46cvss 8.2epss 0.01
The ipandlanguageredirect extension before 5.1.2 for TYPO3 allows SQL Injection.
- risk 0.46cvss 8.2epss 0.01
EaseProbe is a tool that can do health/status checking. An SQL injection issue was discovered in EaseProbe before 2.1.0 when using MySQL/PostgreSQL data checking. This problem has been fixed in v2.1.0.
- risk 0.46cvss 7.1epss 0.01
An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. A SQL Injection vulnerability allows authenticated users to taint database data and extract sensitive information via crafted HTTP requests. The type of SQL Injection is blind boolean based.
- risk 0.46cvss 8.1epss 0.01
JHipster is a development platform to quickly generate, develop, & deploy modern web applications & microservice architectures. SQL Injection vulnerability in entities for applications generated with the option "reactive with Spring WebFlux" enabled and an SQL database using…