4 matches found
EUVD-2026-33256
Mautic has SQL Injection in API Contact Filtering...
CVE-2020-7609
node-rules including 3.0.0 and prior to 5.0.0 allows injection of arbitrary commands. The argument rules of function "fromJSON" can be controlled by users without any sanitization...
CVE-2019-5413
An attacker can use the format parameter to inject arbitrary commands in the npm package morgan 1.9.1...
Design/Logic Flaw
An attacker can use the format parameter to inject arbitrary commands in the npm package morgan 1.9.1...