VYPR

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Abstraction: Base · Status: Stable · Likelihood: High

Description

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7

CVEs mapped to this weakness (10,236)

page 49 of 512
  • CVE-2016-9333 · Critical · Feb 13, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. The SoftCMS Application does not properly sanitize input that may allow a remote attacker access to SoftCMS with administrator's privilege through specially crafted input (SQL INJECTION).

  • CVE-2016-8341 · Critical · Feb 13, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands.

  • CVE-2017-5879 · Critical · Feb 6, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue was discovered in Exponent CMS 2.4.1. This is a blind SQL injection that can be exploited by un-authenticated users via an HTTP GET request and which can be used to dump database data out to a malicious server, using an out-of-band technique, such as select_loadfile().…

  • CVE-2016-9416 · Critical · Jan 31, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    SQL injection vulnerability in the users data handler in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2016-9402 · Critical · Jan 31, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    SQL injection vulnerability in the moderation tool in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2016-5742 · Critical · Jan 23, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    SQL injection vulnerability in the XML-RPC interface in Movable Type Pro and Advanced 6.x before 6.1.3 and 6.2.x before 6.2.6 and Movable Type Open Source 5.2.13 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2017-5569 · Critical · Jan 23, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. This is a blind SQL injection within the template.jsp, which can be exploited without the need of authentication and via an HTTP POST request, and which can be used to dump database data out to a malicious…

  • CVE-2017-5575 · Critical · Jan 23, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    SQL injection vulnerability in inc/lib/Options.class.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the modules parameter.

  • CVE-2017-5574 · Critical · Jan 23, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows unauthenticated users to execute arbitrary SQL commands via the activation parameter.

  • CVE-2017-5519 · Critical · Jan 17, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    SQL injection vulnerability in Posts.class.php in GeniXCMS through 0.0.8 allows remote attackers to execute arbitrary SQL commands via the id parameter.

  • CVE-2017-5517 · Critical · Jan 17, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    SQL injection vulnerability in author.control.php in GeniXCMS through 0.0.8 allows remote attackers to execute arbitrary SQL commands via the type parameter.

  • CVE-2016-10114 · Critical · Jan 4, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    SQL injection vulnerability in the "aWeb Cart Watching System for Virtuemart" extension before 2.6.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via vectors involving categorysearch and smartSearch.

  • CVE-2016-2355 · Critical · Dec 19, 2016
    risk 0.64 · cvss 9.8 · epss 0.02

    SQL injection vulnerability in the REST API in dotCMS before 3.3.2 allows remote attackers to execute arbitrary SQL commands via the stName parameter to api/content/save/1.

  • CVE-2016-9481 · Critical · Nov 29, 2016
    risk 0.64 · cvss 9.8 · epss 0.02

    In framework/modules/core/controllers/expCommentController.php of Exponent CMS 2.4.0, content_id input is passed into showComments. The method showComments is defined in the expCommentControllercontroller with the parameter '$this->params['content_id']' used directly in SQL.…

  • CVE-2016-9287 · Critical · Nov 15, 2016
    risk 0.64 · cvss 9.8 · epss 0.01

    In /framework/modules/notfound/controllers/notfoundController.php of Exponent CMS 2.4.0 patch1, untrusted input is passed into getSearchResults. The method getSearchResults is defined in the search model with the parameter '$term' used directly in SQL. Impact is a SQL injection.

  • CVE-2016-8902 · Critical · Nov 14, 2016
    risk 0.64 · cvss 9.8 · epss 0.03

    SQL injection vulnerability in the categoriesServlet servlet in dotCMS before 3.3.1 allows remote not authenticated attackers to execute arbitrary SQL commands via the sort parameter.

  • CVE-2016-9288 · Critical · Nov 11, 2016
    risk 0.64 · cvss 9.8 · epss 0.01

    In framework/modules/navigation/controllers/navigationController.php in Exponent CMS v2.4.0 or older, the parameter "target" of function "DragnDropReRank" is directly used without any filtration which caused SQL injection. The payload can be used like this:…

  • CVE-2016-7453 · Critical · Nov 3, 2016
    risk 0.64 · cvss 9.8 · epss 0.01

    The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to perform an fid SQL Injection.

  • CVE-2016-1000217 · Critical · Oct 6, 2016
    risk 0.64 · cvss 9.8 · epss 0.06

    Zotpress plugin for WordPress SQLi in zp_get_account()

  • CVE-2016-1000113 · Critical · Oct 6, 2016
    risk 0.64 · cvss 9.8 · epss 0.03

    XSS and SQLi in huge IT gallery v1.1.5 for Joomla