CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Description
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7
CVEs mapped to this weakness (12,807)
page 339 of 641| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-35487 | Med | 0.42 | 6.5 | 0.01 | May 25, 2022 | Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates (for the Manage Alerts page) via the extIdentifier HTTP POST parameter. This allows an attacker to obtain… | ||
| CVE-2013-10003 | Med | 0.42 | 6.5 | 0.01 | May 24, 2022 | A vulnerability classified as critical has been found in Telecommunication Software SAMwin Contact Center Suite 5.1. This affects the function getCurrentDBVersion in the library SAMwinLIBVB.dll of the database handler. The manipulation leads to sql injection. The exploit has… | ||
| CVE-2022-29498 | — | Hig | 0.42 | 7.5 | 0.01 | Apr 21, 2022 | Blazer before 2.6.0 allows SQL Injection. In certain circumstances, an attacker could get a user to run a query they would not have normally run. | |
| CVE-2022-1339 | Hig | 0.42 | 7.5 | 0.05 | Apr 13, 2022 | SQL injection in ElementController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data | ||
| CVE-2022-27127 | Med | 0.42 | 6.5 | 0.01 | Apr 10, 2022 | zbzcms v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php/ajax.php. | ||
| CVE-2022-1219 | Hig | 0.42 | 7.5 | 0.01 | Apr 8, 2022 | SQL injection in RecyclebinController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data | ||
| CVE-2021-40645 | Med | 0.42 | 6.5 | 0.01 | Mar 30, 2022 | An SQL Injection vulnerability exists in glorylion JFinalOA as of 9/7/2021 in the defkey parameter getHaveDoneTaskDataList method of the FlowTaskController. | ||
| CVE-2021-40644 | Med | 0.42 | 6.5 | 0.01 | Mar 30, 2022 | An SQL Injection vulnerability exists in oasys oa_system as of 9/7/2021 in resources/mappers/notice-mapper.xml. | ||
| CVE-2022-24956 | Med | 0.42 | 6.5 | 0.01 | Mar 29, 2022 | An issue was discovered in Shopware B2B-Suite through 4.4.1. The sort-by parameter of the search functionality of b2border and b2borderlist allows SQL injection. Possible techniques are boolean-based blind, time-based blind, and potentially stacked queries. The vulnerability… | ||
| CVE-2021-43091 | Hig | 0.42 | 7.5 | 0.01 | Mar 25, 2022 | An SQL Injection vlnerability exits in Yeswiki doryphore 20211012 via the email parameter in the registration form. | ||
| CVE-2022-0153 | Hig | 0.42 | 7.5 | 0.01 | Mar 24, 2022 | SQL Injection in GitHub repository forkcms/forkcms prior to 5.11.1. | ||
| CVE-2022-25506 | — | Med | 0.42 | 6.5 | 0.01 | Mar 11, 2022 | FreeTAKServer-UI v1.9.8 was discovered to contain a SQL injection vulnerability via the API endpoint /AuthenticateUser. | |
| CVE-2021-43969 | Med | 0.42 | 6.5 | 0.01 | Mar 10, 2022 | The login.jsp page of Quicklert for Digium 10.0.0 (1043) is affected by both Blind SQL Injection with Out-of-Band Interaction (DNS) and Blind Time-Based SQL Injections. Exploitation can be used to disclose all data within the database (up to and including the administrative… | ||
| CVE-2021-24928 | Med | 0.42 | 6.5 | 0.01 | Feb 7, 2022 | The Rearrange Woocommerce Products WordPress plugin before 3.0.8 does not have proper access controls in the save_all_order AJAX action, nor validation and escaping when inserting user data in SQL statement, leading to an SQL injection, and allowing any authenticated user, such… | ||
| CVE-2021-21937 | — | Med | 0.42 | 6.5 | 0.01 | Dec 22, 2021 | A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘host_alt_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery. | |
| CVE-2021-21935 | — | Med | 0.42 | 6.5 | 0.01 | Dec 22, 2021 | A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘host_alt_filter2’ parameter. This can be done as any authenticated user or through cross-site request forgery. | |
| CVE-2021-21934 | Med | 0.42 | 6.5 | 0.01 | Dec 22, 2021 | A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘imei_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery. | ||
| CVE-2021-21933 | — | Med | 0.42 | 6.5 | 0.01 | Dec 22, 2021 | A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘esn_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery. | |
| CVE-2021-21932 | — | Med | 0.42 | 6.5 | 0.01 | Dec 22, 2021 | A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘name_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery. | |
| CVE-2021-21931 | Med | 0.42 | 6.5 | 0.01 | Dec 22, 2021 | A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at‘ stat_filter’ parameter to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery. |
- risk 0.42cvss 6.5epss 0.01
Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates (for the Manage Alerts page) via the extIdentifier HTTP POST parameter. This allows an attacker to obtain…
- risk 0.42cvss 6.5epss 0.01
A vulnerability classified as critical has been found in Telecommunication Software SAMwin Contact Center Suite 5.1. This affects the function getCurrentDBVersion in the library SAMwinLIBVB.dll of the database handler. The manipulation leads to sql injection. The exploit has…
- risk 0.42cvss 7.5epss 0.01
Blazer before 2.6.0 allows SQL Injection. In certain circumstances, an attacker could get a user to run a query they would not have normally run.
- risk 0.42cvss 7.5epss 0.05
SQL injection in ElementController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data
- risk 0.42cvss 6.5epss 0.01
zbzcms v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php/ajax.php.
- risk 0.42cvss 7.5epss 0.01
SQL injection in RecyclebinController.php in GitHub repository pimcore/pimcore prior to 10.3.5. This vulnerability is capable of steal the data
- risk 0.42cvss 6.5epss 0.01
An SQL Injection vulnerability exists in glorylion JFinalOA as of 9/7/2021 in the defkey parameter getHaveDoneTaskDataList method of the FlowTaskController.
- risk 0.42cvss 6.5epss 0.01
An SQL Injection vulnerability exists in oasys oa_system as of 9/7/2021 in resources/mappers/notice-mapper.xml.
- risk 0.42cvss 6.5epss 0.01
An issue was discovered in Shopware B2B-Suite through 4.4.1. The sort-by parameter of the search functionality of b2border and b2borderlist allows SQL injection. Possible techniques are boolean-based blind, time-based blind, and potentially stacked queries. The vulnerability…
- risk 0.42cvss 7.5epss 0.01
An SQL Injection vlnerability exits in Yeswiki doryphore 20211012 via the email parameter in the registration form.
- risk 0.42cvss 7.5epss 0.01
SQL Injection in GitHub repository forkcms/forkcms prior to 5.11.1.
- risk 0.42cvss 6.5epss 0.01
FreeTAKServer-UI v1.9.8 was discovered to contain a SQL injection vulnerability via the API endpoint /AuthenticateUser.
- risk 0.42cvss 6.5epss 0.01
The login.jsp page of Quicklert for Digium 10.0.0 (1043) is affected by both Blind SQL Injection with Out-of-Band Interaction (DNS) and Blind Time-Based SQL Injections. Exploitation can be used to disclose all data within the database (up to and including the administrative…
- risk 0.42cvss 6.5epss 0.01
The Rearrange Woocommerce Products WordPress plugin before 3.0.8 does not have proper access controls in the save_all_order AJAX action, nor validation and escaping when inserting user data in SQL statement, leading to an SQL injection, and allowing any authenticated user, such…
- risk 0.42cvss 6.5epss 0.01
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘host_alt_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
- risk 0.42cvss 6.5epss 0.01
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘host_alt_filter2’ parameter. This can be done as any authenticated user or through cross-site request forgery.
- risk 0.42cvss 6.5epss 0.01
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘imei_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
- risk 0.42cvss 6.5epss 0.01
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘esn_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
- risk 0.42cvss 6.5epss 0.01
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘name_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
- risk 0.42cvss 6.5epss 0.01
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at‘ stat_filter’ parameter to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.