SQL Injection

@azhou/basemodel is vulnerable to SQL injection. A remote attacker is able to inject and execute arbitrary SQL statements via the orderBy variable...

Node.js third-party modules: [@azhou/basemodel] SQL injection

I would like to report SQL injection in @azhou/basemodel It allows attacker to read data from database. Module module name: @azhou/basemodel version: 1.0.0 npm page: https://www.npmjs.com/package/@azhou/basemodel Module Description Usage Initialization js var model =...