CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Description
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7
CVEs mapped to this weakness (10,236)
page 69 of 512| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-32888 | Cri | 0.58 | 10.0 | 0.01 | May 15, 2024 | The Amazon JDBC Driver for Redshift is a Type 4 JDBC driver that provides database connectivity through the standard JDBC application program interfaces (APIs) available in the Java Platform, Enterprise Editions. Prior to version 2.1.0.28, SQL injection is possible when using… | ||
| CVE-2024-30491 | Hig | 0.58 | 8.5 | 0.32 | Mar 29, 2024 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8. | ||
| CVE-2024-27298 | Cri | 0.58 | 10.0 | 0.01 | Mar 1, 2024 | parse-server is a Parse Server for Node.js / Express. This vulnerability allows SQL injection when Parse Server is configured to use the PostgreSQL database. The vulnerability has been fixed in 6.5.0 and 7.0.0-alpha.20. | ||
| CVE-2024-1597 | Cri | 0.58 | 10.0 | 0.05 | Feb 19, 2024 | pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second… | ||
| CVE-2023-25813 | Cri | 0.58 | 10.0 | 0.01 | Feb 22, 2023 | Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replacements. Parameters which are passed through replacements are not properly escaped which can lead to arbitrary SQL injection depending on the specific queries in use. The… | ||
| CVE-2022-2422 | Cri | 0.58 | 10.0 | 0.01 | Oct 26, 2022 | Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used. | ||
| CVE-2022-2421 | Cri | 0.58 | 10.0 | 0.01 | Oct 26, 2022 | Due to improper type validation in attachment parsing the Socket.io js library, it is possible to overwrite the _placeholder object which allows an attacker to place references to functions at arbitrary places in the resulting query object. | ||
| CVE-2022-29822 | Cri | 0.58 | 10.0 | 0.01 | Oct 26, 2022 | Due to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection | ||
| CVE-2022-28346 | Cri | 0.58 | 9.8 | 0.19 | Apr 12, 2022 | An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs. | ||
| CVE-2018-10350 | Hig | 0.58 | 8.8 | 0.15 | May 25, 2018 | A SQL injection remote code execution vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw within the handling of parameters provided to wcs\_bwlists\_handler.php. … | ||
| CVE-2018-10356 | Hig | 0.58 | 8.8 | 0.11 | May 23, 2018 | A SQL injection remote code execution vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formRequestDomains class. Authentication is required to exploit this… | ||
| CVE-2017-11509 | Hig | 0.58 | 8.8 | 0.06 | Mar 28, 2018 | An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement. | ||
| CVE-2018-3607 | Hig | 0.58 | 8.8 | 0.15 | Feb 9, 2018 | XXXTreeNode method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations. | ||
| CVE-2018-3603 | Hig | 0.58 | 8.8 | 0.08 | Feb 9, 2018 | A CGGIServlet SQL injection remote code execution (RCE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations. | ||
| CVE-2018-3602 | Hig | 0.58 | 8.8 | 0.08 | Feb 9, 2018 | An AdHocQuery_Processor SQL injection remote code execution (RCE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations. | ||
| CVE-2017-14723 | Cri | 0.58 | 9.8 | 0.10 | Sep 23, 2017 | Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb->prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injection attacks. | ||
| CVE-2017-11388 | Hig | 0.58 | 8.8 | 0.14 | Aug 2, 2017 | SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when RestfulServiceUtility.NET.dll doesn't properly validate user provided strings before constructing SQL queries. Formerly ZDI-CAN-4639 and ZDI-CAN-4638. | ||
| CVE-2026-8444 | Hig | 0.57 | 8.8 | 0.00 | Jun 16, 2026 | The WP Review Slider Pro plugin for WordPress is vulnerable to SQL Injection via the 'curselrevs[]' parameter of the wpfb_find_reviews AJAX action in versions up to, and including, 12.6.8. This is due to the handler reading $_POST['curselrevs'] raw with no sanitization or type… | ||
| CVE-2026-8443 | Hig | 0.57 | 8.8 | 0.00 | Jun 16, 2026 | The WP Review Slider Pro plugin for WordPress is vulnerable to SQL Injection via the 'stypes' and 'slocations' parameters of the wppro_get_overall_chart_data AJAX action in versions up to, and including, 12.6.8. This is due to the use of stripslashes() on user-supplied JSON… | ||
| CVE-2026-48114 | Cri | 0.57 | 9.8 | 0.00 | Jun 15, 2026 | Metacat is data repository software that helps researchers preserve, share, and discover data. Versions 2.0.0 and and above contain an unauthenticated SQL injection in the /harvesterRegistration endpoint. HarvesterRegistration.dbInsert() builds an INSERT against… |
- risk 0.58cvss 10.0epss 0.01
The Amazon JDBC Driver for Redshift is a Type 4 JDBC driver that provides database connectivity through the standard JDBC application program interfaces (APIs) available in the Java Platform, Enterprise Editions. Prior to version 2.1.0.28, SQL injection is possible when using…
- risk 0.58cvss 8.5epss 0.32
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8.
- risk 0.58cvss 10.0epss 0.01
parse-server is a Parse Server for Node.js / Express. This vulnerability allows SQL injection when Parse Server is configured to use the PostgreSQL database. The vulnerability has been fixed in 6.5.0 and 7.0.0-alpha.20.
- risk 0.58cvss 10.0epss 0.05
pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second…
- risk 0.58cvss 10.0epss 0.01
Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replacements. Parameters which are passed through replacements are not properly escaped which can lead to arbitrary SQL injection depending on the specific queries in use. The…
- risk 0.58cvss 10.0epss 0.01
Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used.
- risk 0.58cvss 10.0epss 0.01
Due to improper type validation in attachment parsing the Socket.io js library, it is possible to overwrite the _placeholder object which allows an attacker to place references to functions at arbitrary places in the resulting query object.
- risk 0.58cvss 10.0epss 0.01
Due to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection
- risk 0.58cvss 9.8epss 0.19
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.
- risk 0.58cvss 8.8epss 0.15
A SQL injection remote code execution vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw within the handling of parameters provided to wcs\_bwlists\_handler.php. …
- risk 0.58cvss 8.8epss 0.11
A SQL injection remote code execution vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formRequestDomains class. Authentication is required to exploit this…
- risk 0.58cvss 8.8epss 0.06
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement.
- risk 0.58cvss 8.8epss 0.15
XXXTreeNode method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.
- risk 0.58cvss 8.8epss 0.08
A CGGIServlet SQL injection remote code execution (RCE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.
- risk 0.58cvss 8.8epss 0.08
An AdHocQuery_Processor SQL injection remote code execution (RCE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.
- risk 0.58cvss 9.8epss 0.10
Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb->prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injection attacks.
- risk 0.58cvss 8.8epss 0.14
SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when RestfulServiceUtility.NET.dll doesn't properly validate user provided strings before constructing SQL queries. Formerly ZDI-CAN-4639 and ZDI-CAN-4638.
- risk 0.57cvss 8.8epss 0.00
The WP Review Slider Pro plugin for WordPress is vulnerable to SQL Injection via the 'curselrevs[]' parameter of the wpfb_find_reviews AJAX action in versions up to, and including, 12.6.8. This is due to the handler reading $_POST['curselrevs'] raw with no sanitization or type…
- risk 0.57cvss 8.8epss 0.00
The WP Review Slider Pro plugin for WordPress is vulnerable to SQL Injection via the 'stypes' and 'slocations' parameters of the wppro_get_overall_chart_data AJAX action in versions up to, and including, 12.6.8. This is due to the use of stripslashes() on user-supplied JSON…
- risk 0.57cvss 9.8epss 0.00
Metacat is data repository software that helps researchers preserve, share, and discover data. Versions 2.0.0 and and above contain an unauthenticated SQL injection in the /harvesterRegistration endpoint. HarvesterRegistration.dbInsert() builds an INSERT against…