CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

BaseStableLikelihood: High

Description

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Hierarchy (View 1000)

Parents

CWE-943

Children

CWE-564

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7

CVEs mapped to this weakness (9,859)

page 451 of 493

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2013-5957	Civicrm Civicrm	—	0.02	Nov 27, 2013	Multiple SQL injection vulnerabilities in CRM/Core/Page/AJAX/Location.php in CiviCRM before 4.2.12, 4.3.x before 4.3.7, and 4.4.x before 4.4.beta4 allow remote attackers to execute arbitrary SQL commands via the _value parameter to (1) ajax/jqState or (2) ajax/jqcounty.
CVE-2013-6869	SAP Netweaver	—	0.01	Nov 23, 2013	SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-6176	EMC Corporation Document Sciences Xpression	—	0.02	Nov 21, 2013	Multiple SQL injection vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote authenticated…
CVE-2013-4386	Theforeman Foreman	—	0.01	Nov 20, 2013	Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup parameter.
CVE-2013-4715	Tiki Tikiwiki CMS\/groupware	—	0.02	Nov 6, 2013	SQL injection vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-6172	Roundcube Webmail	—	0.03	Nov 5, 2013	steps/utils/save_pref.inc in Roundcube webmail before 0.8.7 and 0.9.x before 0.9.5 allows remote attackers to modify configuration settings via the _session parameter, which can be leveraged to read arbitrary files, conduct SQL injection attacks, and execute arbitrary code.
CVE-2013-6243	WordPress Landing Pages	—	0.02	Oct 23, 2013	SQL injection vulnerability in the Landing Pages plugin 1.2.3, before 20131009, and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the "post" parameter to index.php.
CVE-2013-4422	Quassel Irc Quassel	—	0.02	Oct 23, 2013	SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in a message.
CVE-2013-4827	Microfocus Intelligent Management Center	—	0.03	Oct 13, 2013	SQL injection vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka ZDI-CAN-1664.
CVE-2013-4137	Status Statusnet	—	0.01	Oct 11, 2013	Multiple SQL injection vulnerabilities in StatusNet 1.0 before 1.0.2 and 1.1.0 allow remote attackers to execute arbitrary SQL commands via vectors related to user lists and "a particular tag format."
CVE-2013-5525	Cisco Systems, Inc. Identity Services Engine Software	—	0.01	Oct 10, 2013	SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCug90502.
CVE-2013-5517	Cisco Systems, Inc. Unified Communications Domain Manager	—	0.01	Oct 2, 2013	SQL injection vulnerability in the web framework in Cisco Unified Communications Domain Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh96567.
CVE-2013-4017	IBM Maximo Asset Management	—	0.01	Oct 1, 2013	SQL injection vulnerability in IBM Maximo Asset Management 7.1 before 7.1.1.12 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-3973	IBM Maximo Asset Management	—	0.01	Oct 1, 2013	SQL injection vulnerability in IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-0451	IBM Maximo Asset Management	—	0.01	Oct 1, 2013	SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8 and 7.1 through 7.1.1.12 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-5931	Real Estate PHP Script Real Estate PHP Script	—	0.01	Sep 23, 2013	SQL injection vulnerability in property_listings_detail.php in Real Estate PHP Script allows remote attackers to execute arbitrary SQL commands via the listingid parameter.
CVE-2013-4313	Moodle Moodle	—	0.01	Sep 16, 2013	Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not prevent use of '\0' characters in query strings, which might allow remote attackers to conduct SQL injection attacks against Microsoft SQL Server via a crafted string.
CVE-2013-4809	Microfocus Procurve Manager	—	0.03	Sep 16, 2013	Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter.
CVE-2013-5723	SAP Netweaver	—	0.02	Sep 12, 2013	SQL injection vulnerability in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "ABAD0_DELETE_DERIVATION_TABLE."
CVE-2013-3602	Trivantis Coursemill Learning Management System	—	0.01	Sep 6, 2013	SQL injection vulnerability in admindocumentworker.jsp in Coursemill Learning Management System (LMS) 6.6 allows remote authenticated users to execute arbitrary SQL commands via the docID parameter.

CVE-2013-5957Nov 27, 2013
Civicrm
Civicrm
risk 0.00cvss —epss 0.02
Multiple SQL injection vulnerabilities in CRM/Core/Page/AJAX/Location.php in CiviCRM before 4.2.12, 4.3.x before 4.3.7, and 4.4.x before 4.4.beta4 allow remote attackers to execute arbitrary SQL commands via the _value parameter to (1) ajax/jqState or (2) ajax/jqcounty.
CVE-2013-6869Nov 23, 2013
SAP
Netweaver
risk 0.00cvss —epss 0.01
SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-6176Nov 21, 2013
EMC Corporation
Document Sciences Xpression
risk 0.00cvss —epss 0.02
Multiple SQL injection vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote authenticated…
CVE-2013-4386Nov 20, 2013
Theforeman
Foreman
risk 0.00cvss —epss 0.01
Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup parameter.
CVE-2013-4715Nov 6, 2013
Tiki
Tikiwiki CMS\/groupware
risk 0.00cvss —epss 0.02
SQL injection vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-6172Nov 5, 2013
Roundcube
Webmail
risk 0.00cvss —epss 0.03
steps/utils/save_pref.inc in Roundcube webmail before 0.8.7 and 0.9.x before 0.9.5 allows remote attackers to modify configuration settings via the _session parameter, which can be leveraged to read arbitrary files, conduct SQL injection attacks, and execute arbitrary code.
CVE-2013-6243Oct 23, 2013
WordPress
Landing Pages
risk 0.00cvss —epss 0.02
SQL injection vulnerability in the Landing Pages plugin 1.2.3, before 20131009, and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the "post" parameter to index.php.
CVE-2013-4422Oct 23, 2013
Quassel Irc
Quassel
risk 0.00cvss —epss 0.02
SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in a message.
CVE-2013-4827Oct 13, 2013
Microfocus
Intelligent Management Center
risk 0.00cvss —epss 0.03
SQL injection vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka ZDI-CAN-1664.
CVE-2013-4137Oct 11, 2013
Status
Statusnet
risk 0.00cvss —epss 0.01
Multiple SQL injection vulnerabilities in StatusNet 1.0 before 1.0.2 and 1.1.0 allow remote attackers to execute arbitrary SQL commands via vectors related to user lists and "a particular tag format."
CVE-2013-5525Oct 10, 2013
Cisco Systems, Inc.
Identity Services Engine Software
risk 0.00cvss —epss 0.01
SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCug90502.
CVE-2013-5517Oct 2, 2013
Cisco Systems, Inc.
Unified Communications Domain Manager
risk 0.00cvss —epss 0.01
SQL injection vulnerability in the web framework in Cisco Unified Communications Domain Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh96567.
CVE-2013-4017Oct 1, 2013
IBM
Maximo Asset Management
risk 0.00cvss —epss 0.01
SQL injection vulnerability in IBM Maximo Asset Management 7.1 before 7.1.1.12 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-3973Oct 1, 2013
IBM
Maximo Asset Management
risk 0.00cvss —epss 0.01
SQL injection vulnerability in IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-0451Oct 1, 2013
IBM
Maximo Asset Management
risk 0.00cvss —epss 0.01
SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8 and 7.1 through 7.1.1.12 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-5931Sep 23, 2013
Real Estate PHP Script
Real Estate PHP Script
risk 0.00cvss —epss 0.01
SQL injection vulnerability in property_listings_detail.php in Real Estate PHP Script allows remote attackers to execute arbitrary SQL commands via the listingid parameter.
CVE-2013-4313Sep 16, 2013
Moodle
Moodle
risk 0.00cvss —epss 0.01
Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not prevent use of '\0' characters in query strings, which might allow remote attackers to conduct SQL injection attacks against Microsoft SQL Server via a crafted string.
CVE-2013-4809Sep 16, 2013
Microfocus
Procurve Manager
risk 0.00cvss —epss 0.03
Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter.
CVE-2013-5723Sep 12, 2013
SAP
Netweaver
risk 0.00cvss —epss 0.02
SQL injection vulnerability in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "ABAD0_DELETE_DERIVATION_TABLE."
CVE-2013-3602Sep 6, 2013
Trivantis
Coursemill Learning Management System
risk 0.00cvss —epss 0.01
SQL injection vulnerability in admindocumentworker.jsp in Coursemill Learning Management System (LMS) 6.6 allows remote authenticated users to execute arbitrary SQL commands via the docID parameter.