CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Description
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7
CVEs mapped to this weakness (10,236)
page 82 of 512| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-13450 | — | Cri | 0.57 | 9.8 | 0.02 | Jul 8, 2018 | SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the status_batch parameter. | |
| CVE-2018-13449 | — | Cri | 0.57 | 9.8 | 0.02 | Jul 8, 2018 | SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut_buy parameter. | |
| CVE-2018-13448 | — | Cri | 0.57 | 9.8 | 0.02 | Jul 8, 2018 | SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the country_id parameter. | |
| CVE-2018-13447 | — | Cri | 0.57 | 9.8 | 0.02 | Jul 8, 2018 | SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut parameter. | |
| CVE-2018-3754 | — | Hig | 0.57 | 8.8 | 0.01 | Jul 3, 2018 | Node.js third-party module query-mysql versions 0.0.0, 0.0.1, and 0.0.2 are vulnerable to an SQL injection vulnerability due to lack of user input sanitization. This may allow an attacker to run arbitrary SQL queries when fetching data from database. | |
| CVE-2018-11643 | Hig | 0.57 | 8.8 | 0.01 | Jul 3, 2018 | SQL injection vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote authenticated users to execute arbitrary SQL commands via the filterPattern parameter. | ||
| CVE-2018-7774 | Hig | 0.57 | 8.8 | 0.01 | Jul 3, 2018 | The vulnerability exists within processing of localize.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the username input parameter. | ||
| CVE-2018-7773 | Hig | 0.57 | 8.8 | 0.01 | Jul 3, 2018 | The vulnerability exists within processing of nfcserver.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the sessionid input parameter. | ||
| CVE-2018-7772 | Hig | 0.57 | 8.8 | 0.01 | Jul 3, 2018 | The vulnerability exists within processing of applets which are exposed on the web service in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query to determine whether a user is logged in is subject to SQL injection on the… | ||
| CVE-2018-7769 | Hig | 0.57 | 8.8 | 0.01 | Jul 3, 2018 | The vulnerability exists within processing of xmlserver.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the id input parameter. | ||
| CVE-2018-7768 | Hig | 0.57 | 8.8 | 0.01 | Jul 3, 2018 | The vulnerability exists within processing of loadtemplate.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the tpl input parameter. | ||
| CVE-2018-7767 | Hig | 0.57 | 8.8 | 0.01 | Jul 3, 2018 | The vulnerability exists within processing of editobject.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the type input parameter. | ||
| CVE-2018-7766 | Hig | 0.57 | 8.8 | 0.01 | Jul 3, 2018 | The vulnerability exists within processing of track_getdata.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the id input parameter. | ||
| CVE-2018-7765 | Hig | 0.57 | 8.8 | 0.03 | Jul 3, 2018 | The vulnerability exists within processing of track_import_export.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the object_id input parameter. | ||
| CVE-2018-13049 | Hig | 0.57 | 8.8 | 0.01 | Jul 2, 2018 | The constructSQL function in inc/search.class.php in GLPI 9.2.x through 9.3.0 allows SQL Injection, as demonstrated by triggering a crafted LIMIT clause to front/computer.php. | ||
| CVE-2018-1000552 | Hig | 0.57 | 8.8 | 0.01 | Jun 26, 2018 | Trovebox version <= 4.0.0-rc6 contains a SQL Injection vulnerability in album component that can result in SQL code injection. This attack appear to be exploitable via HTTP request. This vulnerability appears to have been fixed in after commit 742b8ed. | ||
| CVE-2011-0467 | Hig | 0.57 | 8.8 | 0.01 | Jun 7, 2018 | A vulnerability in the listing of available software of SUSE Studio Onsite, SUSE Studio Onsite 1.1 Appliance allows authenticated users to execute arbitrary SQL statements via SQL injection. Affected releases are SUSE Studio Onsite: versions prior to 1.0.3-0.18.1, SUSE Studio… | ||
| CVE-2018-1252 | Hig | 0.57 | 8.8 | 0.02 | Jun 5, 2018 | RSA Web Threat Detection versions prior to 6.4, contain an SQL injection vulnerability in the Administration and Forensics applications. An authenticated malicious user with low privileges could potentially exploit this vulnerability to execute SQL commands on the back-end… | ||
| CVE-2016-10554 | — | Cri | 0.57 | 9.8 | 0.02 | May 31, 2018 | sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. Before version 1.7.0-alpha3, sequelize defaulted SQLite to use MySQL backslash escaping, even though SQLite… | |
| CVE-2016-10551 | Cri | 0.57 | 9.8 | 0.02 | May 29, 2018 | waterline-sequel is a module that helps generate SQL statements for Waterline apps Any user input that goes into Waterline's `like`, `contains`, `startsWith`, or `endsWith` will end up in waterline-sequel with the potential for malicious code. A malicious user can input their… |
- risk 0.57cvss 9.8epss 0.02
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the status_batch parameter.
- risk 0.57cvss 9.8epss 0.02
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut_buy parameter.
- risk 0.57cvss 9.8epss 0.02
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the country_id parameter.
- risk 0.57cvss 9.8epss 0.02
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut parameter.
- risk 0.57cvss 8.8epss 0.01
Node.js third-party module query-mysql versions 0.0.0, 0.0.1, and 0.0.2 are vulnerable to an SQL injection vulnerability due to lack of user input sanitization. This may allow an attacker to run arbitrary SQL queries when fetching data from database.
- risk 0.57cvss 8.8epss 0.01
SQL injection vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote authenticated users to execute arbitrary SQL commands via the filterPattern parameter.
- risk 0.57cvss 8.8epss 0.01
The vulnerability exists within processing of localize.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the username input parameter.
- risk 0.57cvss 8.8epss 0.01
The vulnerability exists within processing of nfcserver.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the sessionid input parameter.
- risk 0.57cvss 8.8epss 0.01
The vulnerability exists within processing of applets which are exposed on the web service in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query to determine whether a user is logged in is subject to SQL injection on the…
- risk 0.57cvss 8.8epss 0.01
The vulnerability exists within processing of xmlserver.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the id input parameter.
- risk 0.57cvss 8.8epss 0.01
The vulnerability exists within processing of loadtemplate.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the tpl input parameter.
- risk 0.57cvss 8.8epss 0.01
The vulnerability exists within processing of editobject.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the type input parameter.
- risk 0.57cvss 8.8epss 0.01
The vulnerability exists within processing of track_getdata.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the id input parameter.
- risk 0.57cvss 8.8epss 0.03
The vulnerability exists within processing of track_import_export.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the object_id input parameter.
- risk 0.57cvss 8.8epss 0.01
The constructSQL function in inc/search.class.php in GLPI 9.2.x through 9.3.0 allows SQL Injection, as demonstrated by triggering a crafted LIMIT clause to front/computer.php.
- risk 0.57cvss 8.8epss 0.01
Trovebox version <= 4.0.0-rc6 contains a SQL Injection vulnerability in album component that can result in SQL code injection. This attack appear to be exploitable via HTTP request. This vulnerability appears to have been fixed in after commit 742b8ed.
- risk 0.57cvss 8.8epss 0.01
A vulnerability in the listing of available software of SUSE Studio Onsite, SUSE Studio Onsite 1.1 Appliance allows authenticated users to execute arbitrary SQL statements via SQL injection. Affected releases are SUSE Studio Onsite: versions prior to 1.0.3-0.18.1, SUSE Studio…
- risk 0.57cvss 8.8epss 0.02
RSA Web Threat Detection versions prior to 6.4, contain an SQL injection vulnerability in the Administration and Forensics applications. An authenticated malicious user with low privileges could potentially exploit this vulnerability to execute SQL commands on the back-end…
- risk 0.57cvss 9.8epss 0.02
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. Before version 1.7.0-alpha3, sequelize defaulted SQLite to use MySQL backslash escaping, even though SQLite…
- risk 0.57cvss 9.8epss 0.02
waterline-sequel is a module that helps generate SQL statements for Waterline apps Any user input that goes into Waterline's `like`, `contains`, `startsWith`, or `endsWith` will end up in waterline-sequel with the potential for malicious code. A malicious user can input their…