Lucene search
GoogleOSV:GHSA-W559-623P-VFG8HistoryMay 05, 2022 - 12:00 a.m.
MyBatis PageHelper vulnerable to time-blind SQL injection via orderBy parameter
2022-05-0500:00:25
Google
osv.dev
11
0.006 Low
EPSS
Percentile
78.5%
MyBatis PageHelper versions 3.5.x through 5.3.x were discovered to contain a time-blind SQL injection vulnerability via the orderBy parameter.
References
github.com/pagehelper/Mybatis-PageHelper
github.com/pagehelper/Mybatis-PageHelper.git
github.com/pagehelper/Mybatis-PageHelper/commit/554a524af2d2b30d09505516adc412468a84d8fa
github.com/pagehelper/Mybatis-PageHelper/issues/674
github.com/yangfar/CVE/blob/main/CVE-2022-42227.md
nvd.nist.gov/vuln/detail/CVE-2022-28111
pagehelper.github.io
www.cnblogs.com/secload/articles/16061420.html
Related
osv
osv
CVE-2022-28111
2022-05-04 13:15:08
cvelist
cvelist
CVE-2022-28111
2022-05-04 00:00:00
CVE-2022-42227
2022-10-19 00:00:00
prion
prion
Heap overflow
2022-10-19 18:15:00
Sql injection
2022-05-04 13:15:00
cve
cve
CVE-2022-28111
2022-05-04 13:15:08
CVE-2022-42227
2022-10-19 18:15:13
nvd
nvd
CVE-2022-28111
2022-05-04 13:15:08
CVE-2022-42227
2022-10-19 18:15:13
cnvd
cnvd
Mybatis-PageHelper SQL Injection Vulnerability
2022-05-09 00:00:00
github
github