CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Description
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-470 · CAPEC-66 · CAPEC-7
CVEs mapped to this weakness (10,236)
page 85 of 512| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-1002026 | Hig | 0.57 | 8.8 | 0.02 | Sep 14, 2017 | Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, The function edit_event_category does not sanitize user-supplied input via the $id parameter before passing it into an SQL statement. | ||
| CVE-2017-14242 | Cri | 0.57 | 9.8 | 0.01 | Sep 11, 2017 | SQL injection vulnerability in don/list.php in Dolibarr version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the statut parameter. | ||
| CVE-2017-14238 | Cri | 0.57 | 9.8 | 0.01 | Sep 11, 2017 | SQL injection vulnerability in admin/menus/edit.php in Dolibarr ERP/CRM version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the menuId parameter. | ||
| CVE-2015-4724 | Hig | 0.57 | 8.8 | 0.01 | Sep 7, 2017 | SQL injection vulnerability in Concrete5 5.7.3.1. | ||
| CVE-2015-8334 | Hig | 0.57 | 8.8 | 0.01 | Aug 29, 2017 | SQL injection vulnerability in the Operation and Maintenance Unit (OMU) in Huawei VCN500 before V100R002C00SPC201 allows remote authenticated users to execute arbitrary SQL commands via a crafted HTTP request. | ||
| CVE-2017-10839 | Hig | 0.57 | 8.8 | 0.01 | Aug 29, 2017 | SQL injection vulnerability in the SEO Panel prior to version 3.11.0 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | ||
| CVE-2015-8355 | Hig | 0.57 | 8.8 | 0.02 | Aug 24, 2017 | Multiple SQL injection vulnerabilities in the orion.extfeedbackform module before 2.1.3 for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) order or (2) "by" parameter to admin/orion.extfeedbackform_efbf_forms.php. | ||
| CVE-2017-12949 | Hig | 0.57 | 8.8 | 0.01 | Aug 18, 2017 | lib\modules\contributors\contributor_list_table.php in the Podlove Podcast Publisher plugin 2.5.3 and earlier for WordPress has SQL injection in the orderby parameter to wp-admin/admin.php, exploitable through CSRF. | ||
| CVE-2017-1174 | Hig | 0.57 | 8.8 | 0.02 | Aug 10, 2017 | IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 123296. | ||
| CVE-2017-6757 | Hig | 0.57 | 8.8 | 0.02 | Aug 7, 2017 | A vulnerability in Cisco Unified Communications Manager 10.5(2.10000.5), 11.0(1.10000.10), and 11.5(1.10000.6) could allow an authenticated, remote attacker to conduct a blind SQL injection attack. The vulnerability is due to a failure to validate user-supplied input used in SQL… | ||
| CVE-2017-12585 | Hig | 0.57 | 8.8 | 0.02 | Aug 6, 2017 | SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAX_lookup_handler.php (tableName and tableFields parameters), admin/AJAX_check_id.php, and admin/AJAX_vocabolary_control.php. It can be exploited by remote authenticated librarian users. | ||
| CVE-2017-11736 | Hig | 0.57 | 8.8 | 0.01 | Jul 29, 2017 | SQL injection vulnerability in core\admin\auto-modules\forms\process.php in BigTree 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via the tags array parameter. | ||
| CVE-2017-11678 | Hig | 0.57 | 8.8 | 0.02 | Jul 27, 2017 | SQL injection vulnerability in Hashtopus 1.5g allows remote authenticated users to execute arbitrary SQL commands via the format parameter in admin.php. | ||
| CVE-2017-11475 | Hig | 0.57 | 8.8 | 0.01 | Jul 20, 2017 | GLPI before 9.1.5.1 has SQL Injection in the condition rule field, exploitable via front/rulesengine.test.php. | ||
| CVE-2017-7681 | Hig | 0.57 | 8.8 | 0.01 | Jul 17, 2017 | Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing query and leak the structure of other queries being made by the application in the back-end. | ||
| CVE-2017-1000067 | Hig | 0.57 | 8.8 | 0.01 | Jul 17, 2017 | MODX Revolution version 2.x - 2.5.6 is vulnerable to blind SQL injection caused by improper sanitization by the escape method resulting in authenticated user accessing database and possibly escalating privileges. | ||
| CVE-2017-1000031 | Hig | 0.57 | 8.8 | 0.01 | Jul 17, 2017 | SQL injection vulnerability in graph_templates_inputs.php in Cacti 0.8.8b allows remote attackers to execute arbitrary SQL commands via the graph_template_input_id and graph_template_id parameters. | ||
| CVE-2017-11200 | Hig | 0.57 | 8.8 | 0.01 | Jul 13, 2017 | SQL Injection exists in FineCMS through 2017-07-12 via the application/core/controller/excludes.php visitor_ip parameter. | ||
| CVE-2017-8002 | Hig | 0.57 | 8.8 | 0.02 | Jul 9, 2017 | EMC Data Protection Advisor prior to 6.4 contains multiple blind SQL injection vulnerabilities. A remote authenticated attacker may potentially exploit these vulnerabilities to gain information about the application by causing execution of arbitrary SQL commands. | ||
| CVE-2017-1347 | Hig | 0.57 | 8.8 | 0.01 | Jun 23, 2017 | IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 126462. |
- risk 0.57cvss 8.8epss 0.02
Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, The function edit_event_category does not sanitize user-supplied input via the $id parameter before passing it into an SQL statement.
- risk 0.57cvss 9.8epss 0.01
SQL injection vulnerability in don/list.php in Dolibarr version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the statut parameter.
- risk 0.57cvss 9.8epss 0.01
SQL injection vulnerability in admin/menus/edit.php in Dolibarr ERP/CRM version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the menuId parameter.
- risk 0.57cvss 8.8epss 0.01
SQL injection vulnerability in Concrete5 5.7.3.1.
- risk 0.57cvss 8.8epss 0.01
SQL injection vulnerability in the Operation and Maintenance Unit (OMU) in Huawei VCN500 before V100R002C00SPC201 allows remote authenticated users to execute arbitrary SQL commands via a crafted HTTP request.
- risk 0.57cvss 8.8epss 0.01
SQL injection vulnerability in the SEO Panel prior to version 3.11.0 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
- risk 0.57cvss 8.8epss 0.02
Multiple SQL injection vulnerabilities in the orion.extfeedbackform module before 2.1.3 for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) order or (2) "by" parameter to admin/orion.extfeedbackform_efbf_forms.php.
- risk 0.57cvss 8.8epss 0.01
lib\modules\contributors\contributor_list_table.php in the Podlove Podcast Publisher plugin 2.5.3 and earlier for WordPress has SQL injection in the orderby parameter to wp-admin/admin.php, exploitable through CSRF.
- risk 0.57cvss 8.8epss 0.02
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 123296.
- risk 0.57cvss 8.8epss 0.02
A vulnerability in Cisco Unified Communications Manager 10.5(2.10000.5), 11.0(1.10000.10), and 11.5(1.10000.6) could allow an authenticated, remote attacker to conduct a blind SQL injection attack. The vulnerability is due to a failure to validate user-supplied input used in SQL…
- risk 0.57cvss 8.8epss 0.02
SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAX_lookup_handler.php (tableName and tableFields parameters), admin/AJAX_check_id.php, and admin/AJAX_vocabolary_control.php. It can be exploited by remote authenticated librarian users.
- risk 0.57cvss 8.8epss 0.01
SQL injection vulnerability in core\admin\auto-modules\forms\process.php in BigTree 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via the tags array parameter.
- risk 0.57cvss 8.8epss 0.02
SQL injection vulnerability in Hashtopus 1.5g allows remote authenticated users to execute arbitrary SQL commands via the format parameter in admin.php.
- risk 0.57cvss 8.8epss 0.01
GLPI before 9.1.5.1 has SQL Injection in the condition rule field, exploitable via front/rulesengine.test.php.
- risk 0.57cvss 8.8epss 0.01
Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. This allows authenticated users to modify the structure of the existing query and leak the structure of other queries being made by the application in the back-end.
- risk 0.57cvss 8.8epss 0.01
MODX Revolution version 2.x - 2.5.6 is vulnerable to blind SQL injection caused by improper sanitization by the escape method resulting in authenticated user accessing database and possibly escalating privileges.
- risk 0.57cvss 8.8epss 0.01
SQL injection vulnerability in graph_templates_inputs.php in Cacti 0.8.8b allows remote attackers to execute arbitrary SQL commands via the graph_template_input_id and graph_template_id parameters.
- risk 0.57cvss 8.8epss 0.01
SQL Injection exists in FineCMS through 2017-07-12 via the application/core/controller/excludes.php visitor_ip parameter.
- risk 0.57cvss 8.8epss 0.02
EMC Data Protection Advisor prior to 6.4 contains multiple blind SQL injection vulnerabilities. A remote authenticated attacker may potentially exploit these vulnerabilities to gain information about the application by causing execution of arbitrary SQL commands.
- risk 0.57cvss 8.8epss 0.01
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 126462.