VYPR

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

BaseStableLikelihood: High

Description

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7

CVEs mapped to this weakness (12,807)

page 340 of 641
  • CVE-2021-21930MedDec 22, 2021
    risk 0.42cvss 6.5epss 0.01

    A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at ‘sn_filter’ parameter to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.

  • CVE-2021-21929MedDec 22, 2021
    risk 0.42cvss 6.5epss 0.01

    A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at ‘prod_filter’ parameter to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.

  • CVE-2021-21928MedDec 22, 2021
    risk 0.42cvss 6.5epss 0.01

    A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at ‘mac_filter’ parameter to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.

  • CVE-2021-21927MedDec 22, 2021
    risk 0.42cvss 6.5epss 0.01

    A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘loc_filter’ parameter.

  • CVE-2021-21926MedDec 22, 2021
    risk 0.42cvss 6.5epss 0.01

    A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘health_filter’ parameter.

  • CVE-2021-21925MedDec 22, 2021
    risk 0.42cvss 6.5epss 0.01

    A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘firm_filter’ parameter.

  • CVE-2021-21922MedDec 22, 2021
    risk 0.42cvss 6.5epss 0.01

    A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘username_filter’ parameter with the administrative account or through cross-site request forgery.

  • CVE-2021-43789HigDec 7, 2021
    risk 0.42cvss 7.5epss 0.04

    PrestaShop is an Open Source e-commerce web application. Versions of PrestaShop prior to 1.7.8.2 are vulnerable to blind SQL injection using search filters with `orderBy` and `sortOrder` parameters. The problem is fixed in version 1.7.8.2.

  • CVE-2021-44050MedDec 2, 2021
    risk 0.42cvss 6.5epss 0.01

    CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL injection vulnerability in the NFA web application, due to insufficient input validation, that could potentially allow an authenticated user to access sensitive data.

  • CVE-2021-39351MedOct 6, 2021
    risk 0.42cvss 6.5epss 0.01

    The WP Bannerize WordPress plugin is vulnerable to authenticated SQL injection via the id parameter found in the ~/Classes/wpBannerizeAdmin.php file which allows attackers to exfiltrate sensitive information from vulnerable sites. This issue affects versions 2.0.0 - 4.0.2.

  • CVE-2021-41845MedOct 1, 2021
    risk 0.42cvss 6.5epss 0.01

    A SQL injection issue was discovered in ThycoticCentrify Secret Server before 11.0.000007. The only affected versions are 10.9.000032 through 11.0.000006.

  • CVE-2021-31869MedAug 4, 2021
    risk 0.42cvss 6.5epss 0.01

    Pimcore AdminBundle version 6.8.0 and earlier suffers from a SQL injection issue in the specificID variable used by the application. This issue was fixed in version 6.9.4 of the product.

  • CVE-2021-31867MedAug 4, 2021
    risk 0.42cvss 6.5epss 0.01

    Pimcore Customer Data Framework version 3.0.0 and earlier suffers from a Boolean-based blind SQL injection issue in the $id parameter of the SegmentAssignmentController.php component of the application. This issue was fixed in version 3.0.2 of the product.

  • CVE-2021-25427MedJul 8, 2021
    risk 0.42cvss 6.5epss 0.00

    SQL injection vulnerability in Bluetooth prior to SMR July-2021 Release 1 allows unauthorized access to paired device information

  • CVE-2021-24360MedJun 14, 2021
    risk 0.42cvss 6.5epss 0.01

    The Yes/No Chart WordPress plugin before 1.0.12 did not sanitise its sid shortcode parameter before using it in a SQL statement, allowing medium privilege users (contributor+) to perform Blind SQL Injection attacks

  • CVE-2020-36004MedJun 3, 2021
    risk 0.42cvss 6.5epss 0.01

    AppCMS 2.0.101 in /admin/download_frame.php has a SQL injection vulnerability which allows attackers to obtain sensitive database information.

  • CVE-2021-27545MedApr 15, 2021
    risk 0.42cvss 6.5epss 0.02

    SQL Injection in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to obtain sensitive database information by injecting SQL commands into the "sername" parameter.

  • CVE-2021-24200MedApr 12, 2021
    risk 0.42cvss 6.5epss 0.01

    The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'length'…

  • CVE-2021-24199MedApr 12, 2021
    risk 0.42cvss 6.5epss 0.01

    The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'start'…

  • CVE-2021-24186MedApr 5, 2021
    risk 0.42cvss 6.5epss 0.01

    The tutor_answering_quiz_question/get_answer_by_id function pair from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students.