CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Description
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7
CVEs mapped to this weakness (10,236)
page 74 of 512| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-54385 | Cri | 0.57 | 9.8 | 0.01 | Jul 26, 2025 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions between 17.0.0-rc1 to 17.2.2 and versions 16.10.5 and below, it's possible to execute any SQL query in Oracle by using the function like DBMS_XMLGEN or… | ||
| CVE-2025-54379 | Cri | 0.57 | 9.8 | 0.01 | Jul 24, 2025 | LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running on resource-constraint edge devices. In versions before 2.2.1, there is a critical SQL Injection vulnerability in the getLast API functionality of the eKuiper project. This flaw allows… | ||
| CVE-2025-34059 | Hig | 0.57 | — | 0.00 | Jul 1, 2025 | An SQL injection vulnerability exists in the Dahua Smart Cloud Gateway Registration Management Platform via the username parameter in the /index.php/User/doLogin endpoint. The application fails to properly sanitize user input, allowing unauthenticated attackers to inject… | ||
| CVE-2025-5590 | Hig | 0.57 | 8.8 | 0.00 | Jun 26, 2025 | The Owl carousel responsive plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL… | ||
| CVE-2024-56158 | Cri | 0.57 | 9.8 | 0.00 | Jun 12, 2025 | XWiki is a generic wiki platform. It's possible to execute any SQL query in Oracle by using the function like DBMS_XMLGEN or DBMS_XMLQUERY. The XWiki query validator does not sanitize functions that would be used in a simple select and Hibernate allows using any native function… | ||
| CVE-2025-1793 | Cri | 0.57 | 9.8 | 0.01 | Jun 5, 2025 | Multiple vector store integrations in run-llama/llama_index version v0.12.21 have SQL injection vulnerabilities. These vulnerabilities allow an attacker to read and write data using SQL, potentially leading to unauthorized access to data of other users depending on the usage of… | ||
| CVE-2025-48949 | Cri | 0.57 | 9.8 | 0.00 | May 30, 2025 | Navidrome is an open source web-based music collection server and streamer. Versions 0.55.0 through 0.55.2 have a vulnerability due to improper input validation on the `role` parameter within the API endpoint `/api/artist`. Attackers can exploit this flaw to inject arbitrary SQL… | ||
| CVE-2025-41377 | Hig | 0.57 | — | 0.00 | May 23, 2025 | A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in… | ||
| CVE-2024-13955 | Hig | 0.57 | 8.8 | 0.00 | May 22, 2025 | 2nd Order SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database repositories if administrator credentials become compromised.This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | ||
| CVE-2025-32968 | Hig | 0.57 | 8.8 | 0.00 | Apr 23, 2025 | XWiki is a generic wiki platform. In versions starting from 1.6-milestone-1 to before 15.10.16, 16.4.6, and 16.10.1, it is possible for a user with SCRIPT right to escape from the HQL execution context and perform a blind SQL injection to execute arbitrary SQL statements on the… | ||
| CVE-2025-23176 | — | Hig | 0.57 | 8.8 | 0.00 | Apr 22, 2025 | CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | |
| CVE-2025-2585 | Hig | 0.57 | 8.8 | 0.00 | Mar 21, 2025 | EBM Maintenance Center From EBM Technologies has a SQL Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify, and delete database contents. | ||
| CVE-2024-12909 | Cri | 0.57 | 9.8 | 0.01 | Mar 20, 2025 | A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for SQL injection in the `run_sql_query` function of the `database_agent`. This vulnerability can be exploited by an attacker to inject arbitrary SQL queries,… | ||
| CVE-2024-11958 | Cri | 0.57 | 9.8 | 0.01 | Mar 20, 2025 | A SQL injection vulnerability exists in the `duckdb_retriever` component of the run-llama/llama_index repository, specifically in the latest version. The vulnerability arises from the construction of SQL queries without using prepared statements, allowing an attacker to inject… | ||
| CVE-2024-10901 | — | Cri | 0.57 | 9.8 | 0.01 | Mar 20, 2025 | In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/chart/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write, enabling them to write arbitrary files to… | |
| CVE-2024-54445 | Hig | 0.57 | — | 0.00 | Mar 14, 2025 | Login functionality contains a blind SQL injection that can be exploited by unauthenticated attackers. Using a time-based blind SQLi technique the attacker can disclose all database contents. Account takeover is a potential outcome depending on the presence or lack thereof… | ||
| CVE-2024-12245 | Hig | 0.57 | — | 0.00 | Mar 14, 2025 | Logout functionality contains a blind SQL injection that can be exploited by unauthenticated attackers. Using a time-based blind SQLi technique the attacker can disclose all database contents. Account takeover is a potential outcome depending on the presence or lack thereof… | ||
| CVE-2024-12918 | Hig | 0.57 | 8.8 | 0.00 | Feb 24, 2025 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agito Computer Health4All allows SQL Injection. This issue affects Health4All: before 10.01.2025. | ||
| CVE-2024-12916 | Hig | 0.57 | 8.8 | 0.00 | Feb 24, 2025 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agito Computer Life4All allows SQL Injection. This issue affects Life4All: before 10.01.2025. | ||
| CVE-2024-55517 | Hig | 0.57 | 8.8 | 0.01 | Jan 8, 2025 | An issue was discovered in the Interllect Core Search in Polaris FT Intellect Core Banking 9.5. Input passed through the groupType parameter in /SCGController is mishandled before being used in SQL queries, allowing SQL injection in an authenticated session. |
- risk 0.57cvss 9.8epss 0.01
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions between 17.0.0-rc1 to 17.2.2 and versions 16.10.5 and below, it's possible to execute any SQL query in Oracle by using the function like DBMS_XMLGEN or…
- risk 0.57cvss 9.8epss 0.01
LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running on resource-constraint edge devices. In versions before 2.2.1, there is a critical SQL Injection vulnerability in the getLast API functionality of the eKuiper project. This flaw allows…
- risk 0.57cvss —epss 0.00
An SQL injection vulnerability exists in the Dahua Smart Cloud Gateway Registration Management Platform via the username parameter in the /index.php/User/doLogin endpoint. The application fails to properly sanitize user input, allowing unauthenticated attackers to inject…
- risk 0.57cvss 8.8epss 0.00
The Owl carousel responsive plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL…
- risk 0.57cvss 9.8epss 0.00
XWiki is a generic wiki platform. It's possible to execute any SQL query in Oracle by using the function like DBMS_XMLGEN or DBMS_XMLQUERY. The XWiki query validator does not sanitize functions that would be used in a simple select and Hibernate allows using any native function…
- risk 0.57cvss 9.8epss 0.01
Multiple vector store integrations in run-llama/llama_index version v0.12.21 have SQL injection vulnerabilities. These vulnerabilities allow an attacker to read and write data using SQL, potentially leading to unauthorized access to data of other users depending on the usage of…
- risk 0.57cvss 9.8epss 0.00
Navidrome is an open source web-based music collection server and streamer. Versions 0.55.0 through 0.55.2 have a vulnerability due to improper input validation on the `role` parameter within the API endpoint `/api/artist`. Attackers can exploit this flaw to inject arbitrary SQL…
- risk 0.57cvss —epss 0.00
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in…
- risk 0.57cvss 8.8epss 0.00
2nd Order SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database repositories if administrator credentials become compromised.This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.
- risk 0.57cvss 8.8epss 0.00
XWiki is a generic wiki platform. In versions starting from 1.6-milestone-1 to before 15.10.16, 16.4.6, and 16.10.1, it is possible for a user with SCRIPT right to escape from the HQL execution context and perform a blind SQL injection to execute arbitrary SQL statements on the…
- risk 0.57cvss 8.8epss 0.00
CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
- risk 0.57cvss 8.8epss 0.00
EBM Maintenance Center From EBM Technologies has a SQL Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify, and delete database contents.
- risk 0.57cvss 9.8epss 0.01
A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for SQL injection in the `run_sql_query` function of the `database_agent`. This vulnerability can be exploited by an attacker to inject arbitrary SQL queries,…
- risk 0.57cvss 9.8epss 0.01
A SQL injection vulnerability exists in the `duckdb_retriever` component of the run-llama/llama_index repository, specifically in the latest version. The vulnerability arises from the construction of SQL queries without using prepared statements, allowing an attacker to inject…
- risk 0.57cvss 9.8epss 0.01
In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/chart/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write, enabling them to write arbitrary files to…
- risk 0.57cvss —epss 0.00
Login functionality contains a blind SQL injection that can be exploited by unauthenticated attackers. Using a time-based blind SQLi technique the attacker can disclose all database contents. Account takeover is a potential outcome depending on the presence or lack thereof…
- risk 0.57cvss —epss 0.00
Logout functionality contains a blind SQL injection that can be exploited by unauthenticated attackers. Using a time-based blind SQLi technique the attacker can disclose all database contents. Account takeover is a potential outcome depending on the presence or lack thereof…
- risk 0.57cvss 8.8epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agito Computer Health4All allows SQL Injection. This issue affects Health4All: before 10.01.2025.
- risk 0.57cvss 8.8epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agito Computer Life4All allows SQL Injection. This issue affects Life4All: before 10.01.2025.
- risk 0.57cvss 8.8epss 0.01
An issue was discovered in the Interllect Core Search in Polaris FT Intellect Core Banking 9.5. Input passed through the groupType parameter in /SCGController is mishandled before being used in SQL queries, allowing SQL injection in an authenticated session.