Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2022-72203
HistoryMay 09, 2022 - 12:00 a.m.

Mybatis-PageHelper SQL Injection Vulnerability

2022-05-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
8

0.006 Low

EPSS

Percentile

78.5%

JSON

Mybatis-PageHelper is a paging plug-in. An SQL injection vulnerability exists in Mybatis-PageHelper versions 1.0 (inclusive) through 5.3.0 (inclusive), which stems from the orderBy parameter’s lack of validation for external input SQL statements. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.

Related

cvelist 1
cve 1
nvd 1
prion 1
github 1
osv 2
cvelist
cvelist
CVE-2022-28111
2022-05-04 00:00:00
cve
cve
CVE-2022-28111
2022-05-04 13:15:08
nvd
nvd
CVE-2022-28111
2022-05-04 13:15:08
prion
prion
Sql injection
2022-05-04 13:15:00
github
github
MyBatis PageHelper vulnerable to time-blind SQL injection via orderBy parameter
2022-05-05 00:00:25
osv
osv
MyBatis PageHelper vulnerable to time-blind SQL injection via orderBy parameter
2022-05-05 00:00:25
CVE-2022-28111
2022-05-04 13:15:08

0.006 Low

EPSS

Percentile

78.5%

JSON
Related for CNVD-2022-72203
cvelist1cve1nvd1prion1github1osv2