VYPR

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Abstraction: Base · Status: Stable · Likelihood of exploit: High

Description

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
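An added worked example, written for this page rather than taken from the CWE entry or from any product listed below: a Python/sqlite3 login handler that carries the CWE-89 flaw, beside its bound-parameter fix, plus an allowlist for the identifier case (ORDER BY columns, table names) that parameters cannot cover and that several of the CVEs on this page fall into. The users table, its rows and the payloads are constructed sample data; `make_db`, `login_vulnerable`, `login_safe` and `list_users_sorted` are names chosen here, not an API of any real project.

```python
"""Added example (not from the CWE page): CWE-89 in a Python/sqlite3 login
handler, beside the parameterized fix and an identifier allowlist.
The users table, rows and credentials are constructed sample data."""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Create an in-memory database with a constructed users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, "
        "password TEXT, role TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password, role) VALUES (?, ?, ?)",
        [("alice", "correct horse", "admin"), ("bob", "hunter2", "user")],
    )
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """CWE-89: the attacker-controlled strings become part of the SQL text,
    so quotes and comment markers inside them are parsed as SQL, not data."""
    sql = (
        "SELECT username, role FROM users "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    return conn.execute(sql).fetchone()


def login_safe(conn, username, password):
    """Fix: bound parameters. The statement text is a constant; the values
    travel to the driver separately and can never alter the statement."""
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()


# Identifiers (table/column names, ORDER BY targets) cannot be bound as
# parameters, which is how the identifier-based CVEs on this page arose.
# The safe option is an allowlist of known-good names.
ALLOWED_SORT_COLUMNS = frozenset({"id", "username", "role"})


def list_users_sorted(conn, sort_column):
    """Sort by a caller-chosen column without interpolating raw input."""
    if sort_column not in ALLOWED_SORT_COLUMNS:
        raise ValueError(f"refusing to sort by unknown column {sort_column!r}")
    # Interpolation is safe here only because sort_column is now one of
    # our own literals, not the caller's string.
    rows = conn.execute(f"SELECT username FROM users ORDER BY {sort_column}")
    return [r[0] for r in rows]


if __name__ == "__main__":
    db = make_db()
    # Comment-based bypass: the trailing -- drops the password check.
    print(login_vulnerable(db, "alice'--", "wrong"))      # ('alice', 'admin')
    print(login_safe(db, "alice'--", "wrong"))            # None
    # Tautology: AND binds tighter than OR, so every row matches.
    print(login_vulnerable(db, "nobody", "' OR '1'='1"))  # ('alice', 'admin')
    print(login_safe(db, "nobody", "' OR '1'='1"))        # None
    print(list_users_sorted(db, "username"))              # ['alice', 'bob']
```

The two payloads illustrate the two halves of the description: a quote closes the intended string literal, and the remainder (`--` or `OR '1'='1`) is interpreted as SQL syntax rather than as the value the developer expected. Escaping quotes would block these particular strings but not the identifier case, which is why the allowlist, not escaping, is the check to reach for when input selects a column or table.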

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7

CVEs mapped to this weakness (10,236)

page 34 of 512

  • CVE-2021-44868 · Critical · Feb 17, 2022
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    A problem was found in ming-soft MCMS v5.1: there is a SQL injection vulnerability in /ms/cms/content/list.do.

  • CVE-2022-22881 · Critical · Feb 16, 2022
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /sys/user/queryUserComponentData.

  • CVE-2022-22880 · Critical · Feb 16, 2022
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /jeecg-boot/sys/user/queryUserByDepId.

  • CVE-2021-44350 · Critical · Dec 15, 2021
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    A SQL injection vulnerability exists in ThinkPHP5 5.0.x <= 5.1.22 via the parseOrder function in Builder.php.

  • CVE-2020-20120 · Critical · Sep 28, 2021
    risk 0.64 · CVSS 9.8 · EPSS 0.02

    ThinkPHP v3.2.3 and below contains a SQL injection vulnerability that is triggered when an array is not passed to the "where" and "query" methods.

  • CVE-2021-38302 · Critical · Aug 13, 2021
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    The Newsletter extension through 4.0.0 for TYPO3 allows SQL injection.

  • CVE-2020-21808 · Critical · Jul 30, 2021
    risk 0.64 · CVSS 9.8 · EPSS 0.02

    SQL injection vulnerability in NukeViet CMS 4.0.10 - 4.3.07 via the topicsid parameter in modules/news/admin/addtotopics.php.

  • CVE-2021-30459 · Critical · Apr 14, 2021
    risk 0.64 · CVSS 9.8 · EPSS 0.02

    A SQL injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute SQL statements by changing the raw_sql input field of the SQL explain, analyze, or select form.

  • CVE-2021-27130 · Critical · Apr 14, 2021
    risk 0.64 · CVSS 9.8 · EPSS 0.02

    Online Reviewer System 1.0 contains a SQL injection vulnerability enabling authentication bypass, which may lead to a reverse shell upload.

  • CVE-2021-28381 · Critical · Mar 16, 2021
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    The vhs (aka VHS: Fluid ViewHelpers) extension before 5.1.1 for TYPO3 allows SQL injection via isLanguageViewHelper.

  • CVE-2020-21176 · Critical · Feb 1, 2021
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    SQL injection vulnerability in the model.increment and model.decrement functions in ThinkJS 3.2.10 allows remote attackers to execute arbitrary SQL commands via the step parameter.

  • CVE-2020-23262 · Critical · Jan 26, 2021
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    An issue was discovered in ming-soft MCMS v5.0, where a malicious user can exploit SQL injection without logging in through /mcms/view.do.

  • CVE-2020-13926 · Critical · Jul 14, 2020
    risk 0.64 · CVSS 9.8 · EPSS 0.02

    Kylin concatenates and executes Hive SQL in Hive CLI or beeline when building a new segment; part of the HQL comes from system configuration, which can be overwritten through certain REST APIs, making SQL injection possible. Users of all previous…

  • CVE-2017-18888 · Critical · Jun 19, 2020
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows SQL injection during the fetching of multiple posts.

  • CVE-2016-11024 · Critical · Mar 30, 2020
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.

  • CVE-2016-11023 · Critical · Mar 30, 2020
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.

  • CVE-2014-8089 · Critical · Feb 17, 2020
    risk 0.64 · CVSS 9.8 · EPSS 0.03

    SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote attackers to execute arbitrary SQL commands via a null byte.

  • CVE-2011-2715 · Critical · Jan 14, 2020
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    A SQL injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table names or column names.

  • CVE-2011-3583 · Critical · Nov 26, 2019
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    TYPO3 Core versions 4.5.0 - 4.5.5 use prepared statements that, if the parameter values are not properly replaced, could lead to a SQL injection vulnerability. This issue can only be exploited if two or more parameters are bound to the query and at least two…

  • CVE-2019-10757 · Critical · Oct 8, 2019
    risk 0.64 · CVSS 9.8 · EPSS 0.01

    knex.js versions before 0.19.5 are vulnerable to SQL injection. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query against the host database.