5 matches found
Exploit for SQL Injection in Sequelizejs Sequelize
CVE-2023-25813 CVE 정보 - CVE 번호: CVE-2023-25813https...
CVE-2023-25813
creationtimestamp| type| source ---|---|--- 2023-02-23 00:52:08+00:00| seen| https://t.me/cibsecurity/58709...
12g (=0.0.27), 1st-project (=1.0.2) +2825 more potentially affected by CVE-2023-25813 via sequelize (>=1.0.2 <=6.19.0)
sequelize NPM version =1.0.2, =0.0.1, =0.0.2, =0.0.1, =1.2.3, =1.0.0, =0.5.0, =1.16.1, =1.16.0, =1.16.0, =1.16.0, =1.16.0, =1.0.0, =2.0.1 - @aapokiiso/hsl-congestion-route-pattern-repository =1.0.0 and more Source cves: CVE-2023-25813 Source advisory: OSV:GHSA-WRH9-CJV3-2HPW...
CVE-2023-25813
Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replacements. Parameters which are passed through replacements are not properly escaped which can lead to arbitrary SQL injection depending on the specific queries in use. The issue has been fix...
CVE-2023-25813 SQL Injection via replacements in sequelize
Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replacements. Parameters which are passed through replacements are not properly escaped which can lead to arbitrary SQL injection depending on the specific queries in use. The issue has been fix...