9 matches found
EUVD-2022-4146
Malicious code in bioql PyPI...
Command Injection in VIVO Vitro
SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service ReDoS, as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request...
GHSA-HGQ9-Q8G2-3JMG Command Injection in VIVO Vitro
SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service ReDoS, as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request...
Sql injection
SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service ReDoS, as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request...
CVE-2019-6986
SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service ReDoS, as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request...
CVE-2019-6986
SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service ReDoS, as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request...
CVE-2019-6986
SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service ReDoS, as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request...
CVE-2019-6986
CVE-2019-6986 describes a SPARQL Injection in VIVO Vitro v1.10.0 where a remote attacker can craft a request to the endpoint “/individual?uri=” to execute arbitrary SPARQL, leading to a Regular Expression Denial of Service (ReDoS) via crafted FILTER%20regex usage. Affected product/component: VIVO...
PT-2019-18400 · Vivo · Vivo Vitro
Name of the Vulnerable Software and Affected Versions: VIVO Vitro version 1.10.0 Description: The issue allows a remote attacker to execute arbitrary SPARQL via the uri parameter, potentially leading to a regular expression denial of service ReDoS. This can be achieved by crafting a specific...