CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Description
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7
CVEs mapped to this weakness (10,236)
Page 34 of 512

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-44868 | — | Cri | 0.64 | 9.8 | 0.01 | | Feb 17, 2022 | A problem was found in ming-soft MCMS v5.1. There is a SQL injection vulnerability in /ms/cms/content/list.do |
| CVE-2022-22881 | | Cri | 0.64 | 9.8 | 0.01 | | Feb 16, 2022 | Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /sys/user/queryUserComponentData. |
| CVE-2022-22880 | — | Cri | 0.64 | 9.8 | 0.01 | | Feb 16, 2022 | Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /jeecg-boot/sys/user/queryUserByDepId. |
| CVE-2021-44350 | — | Cri | 0.64 | 9.8 | 0.01 | | Dec 15, 2021 | SQL Injection vulnerability exists in ThinkPHP5 5.0.x <=5.1.22 via the parseOrder function in Builder.php. |
| CVE-2020-20120 | — | Cri | 0.64 | 9.8 | 0.02 | | Sep 28, 2021 | ThinkPHP v3.2.3 and below contains a SQL injection vulnerability which is triggered when the array is not passed to the "where" and "query" methods. |
| CVE-2021-38302 | — | Cri | 0.64 | 9.8 | 0.01 | | Aug 13, 2021 | The Newsletter extension through 4.0.0 for TYPO3 allows SQL Injection. |
| CVE-2020-21808 | — | Cri | 0.64 | 9.8 | 0.02 | | Jul 30, 2021 | SQL Injection vulnerability in NukeViet CMS 4.0.10 - 4.3.07 via the topicsid parameter in modules/news/admin/addtotopics.php. |
| CVE-2021-30459 | — | Cri | 0.64 | 9.8 | 0.02 | | Apr 14, 2021 | A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute SQL statements by changing the raw_sql input field of the SQL explain, analyze, or select form. |
| CVE-2021-27130 | | Cri | 0.64 | 9.8 | 0.02 | | Apr 14, 2021 | Online Reviewer System 1.0 contains a SQL injection vulnerability through authentication bypass, which may lead to a reverse shell upload. |
| CVE-2021-28381 | — | Cri | 0.64 | 9.8 | 0.01 | | Mar 16, 2021 | The vhs (aka VHS: Fluid ViewHelpers) extension before 5.1.1 for TYPO3 allows SQL injection via isLanguageViewHelper. |
| CVE-2020-21176 | — | Cri | 0.64 | 9.8 | 0.01 | | Feb 1, 2021 | SQL injection vulnerability in the model.increment and model.decrement function in ThinkJS 3.2.10 allows remote attackers to execute arbitrary SQL commands via the step parameter. |
| CVE-2020-23262 | — | Cri | 0.64 | 9.8 | 0.01 | | Jan 26, 2021 | An issue was discovered in ming-soft MCMS v5.0, where a malicious user can exploit SQL injection without logging in through /mcms/view.do. |
| CVE-2020-13926 | — | Cri | 0.64 | 9.8 | 0.02 | | Jul 14, 2020 | Kylin concatenates and executes a Hive SQL in Hive CLI or beeline when building a new segment; some part of the HQL is from system configurations, while the configuration can be overwritten by certain rest api, which makes SQL injection attack is possible. Users of all previous… |
| CVE-2017-18888 | — | Cri | 0.64 | 9.8 | 0.01 | | Jun 19, 2020 | An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. It allows SQL injection during the fetching of multiple posts. |
| CVE-2016-11024 | — | Cri | 0.64 | 9.8 | 0.01 | | Mar 30, 2020 | odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection. NOTE: this product is apparently discontinued. |
| CVE-2016-11023 | — | Cri | 0.64 | 9.8 | 0.01 | | Mar 30, 2020 | odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE: this product is apparently discontinued. |
| CVE-2014-8089 | — | Cri | 0.64 | 9.8 | 0.03 | | Feb 17, 2020 | SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote attackers to execute arbitrary SQL commands via a null byte. |
| CVE-2011-2715 | — | Cri | 0.64 | 9.8 | 0.01 | | Jan 14, 2020 | An SQL Injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table names or column names. |
| CVE-2011-3583 | | Cri | 0.64 | 9.8 | 0.01 | | Nov 26, 2019 | It was found that Typo3 Core versions 4.5.0 - 4.5.5 uses prepared statements that, if the parameter values are not properly replaced, could lead to a SQL Injection vulnerability. This issue can only be exploited if two or more parameters are bound to the query and at least two… |
| CVE-2019-10757 | — | Cri | 0.64 | 9.8 | 0.01 | | Oct 8, 2019 | knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query to the host DB. |