CVE-2019-10762

2019-10-3021:14:05

snyk

www.cve.org

9.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.8%

JSON

columnQuote in medoo before 1.7.5 allows remote attackers to perform a SQL Injection due to improper escaping.

CNA Affected

[
  {
    "product": "medoo",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to version 1.7.5"
      }
    ]
  }
]

References

github.com/catfan/Medoo/commit/659864b393961bf224bba1efc03b7dcbed7de533

snyk.io/vuln/SNYK-PHP-CATFANMEDOO-474562