VYPR

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

BaseStableLikelihood: High

Description

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7

CVEs mapped to this weakness (10,236)

page 81 of 512
  • CVE-2019-10913CriMay 16, 2019
    risk 0.57cvss 9.8epss 0.02

    In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, HTTP Methods provided as verbs or using the override header may be treated as trusted input, but they are not validated, possibly causing SQL injection or XSS. This is…

  • CVE-2019-10910CriMay 16, 2019
    risk 0.57cvss 9.8epss 0.05

    In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, when service ids allow user input, this could allow for SQL Injection and remote code execution. This is related to symfony/dependency-injection.

  • CVE-2017-16558CriApr 25, 2019
    risk 0.57cvss 9.8epss 0.01

    Contao 3.0.0 to 3.5.30 and 4.0.0 to 4.4.7 contains an SQL injection vulnerability in the back end as well as in the listing module.

  • CVE-2019-7164CriFeb 20, 2019
    risk 0.57cvss 9.8epss 0.04

    SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.

  • CVE-2018-18476CriOct 24, 2018
    risk 0.57cvss 9.8epss 0.02

    mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it removes default string escaping for affected database columns.

  • CVE-2018-18546CriOct 21, 2018
    risk 0.57cvss 9.8epss 0.02

    ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable.

  • CVE-2018-7107HigSep 27, 2018
    risk 0.57cvss 8.8epss 0.01

    A potential security vulnerability has been identified in HPE Device Entitlement Gateway (DEG) v3.2.4, v3.3 and v3.3.1. The vulnerability could be remotely exploited to allow local SQL injection and elevation of privilege.

  • CVE-2018-3885HigSep 12, 2018
    risk 0.57cvss 8.8epss 0.01

    An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The order_by parameter can be used to perform an SQL injection attack. An attacker can use a…

  • CVE-2018-3884HigSep 12, 2018
    risk 0.57cvss 8.8epss 0.01

    An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The sort_by and start parameter can be used to perform an SQL injection attack. An attacker can…

  • CVE-2018-3883HigSep 12, 2018
    risk 0.57cvss 8.8epss 0.01

    An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The employee and sort_order parameter can be used to perform an SQL injection attack. An attacker…

  • CVE-2018-3882HigSep 12, 2018
    risk 0.57cvss 8.8epss 0.01

    An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The searchfield parameter can be used to perform an SQL injection attack. An attacker can use a…

  • CVE-2018-3879HigAug 23, 2018
    risk 0.57cvss 8.8epss 0.02

    An exploitable JSON injection vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly parses the user-controlled JSON payload, leading to a JSON…

  • CVE-2018-1000650HigAug 20, 2018
    risk 0.57cvss 8.8epss 0.02

    LibreHealthIO lh-ehr version REL-2.0.0 contains a SQL Injection vulnerability in Show Groups Popup SQL query functions that can result in Ability to perform malicious database queries. This attack appear to be exploitable via User controlled parameters.

  • CVE-2018-15145CriAug 13, 2018
    risk 0.57cvss 9.8epss 0.02

    Multiple SQL injection vulnerabilities in portal/add_edit_event_user.php in versions of OpenEMR before 5.0.1.4 allow a remote attacker to execute arbitrary SQL commands via the (1) eid, (2) userid, or (3) pid parameter.

  • CVE-2018-15143CriAug 13, 2018
    risk 0.57cvss 9.8epss 0.02

    Multiple SQL injection vulnerabilities in portal/find_appt_popup_user.php in versions of OpenEMR before 5.0.1.4 allow a remote attacker to execute arbitrary SQL commands via the (1) catid or (2) providerid parameter.

  • CVE-2018-14967HigAug 6, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.user.php has SQL Injection via the numPerPage parameter.

  • CVE-2018-12482HigAug 4, 2018
    risk 0.57cvss 8.8epss 0.01

    OCS Inventory 2.4.1 contains multiple SQL injections in the search engine. Authentication is needed in order to exploit the issues.

  • CVE-2018-12942HigJul 31, 2018
    risk 0.57cvss 8.8epss 0.02

    SQL injection vulnerability in the "Users management" functionality in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 allows authenticated attackers to manipulate an SQL query within the application by sending additional SQL commands to the application server. An attacker can…

  • CVE-2018-0607HigJul 26, 2018
    risk 0.57cvss 8.8epss 0.01

    SQL injection vulnerability in the Notifications application in the Cybozu Garoon 3.5.0 to 4.6.2 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2018-12977HigJul 9, 2018
    risk 0.57cvss 8.8epss 0.01

    A SQL injection vulnerability in the SoftExpert (SE) Excellence Suite 2.0 allows remote authenticated users to perform SQL heuristics by pulling information from the database with the "cddocument" parameter in the "Downloading Electronic Documents" section.