Lucene search
K

5 matches found

CNVD
CNVD
added 2018/10/26 12:0 a.m.3 views

mysql-binuuid-rails SQL Injection Vulnerability

mysql-binuuid-rails is a tool that stores UUIDs in binary MySQL database columns. A SQL injection vulnerability exists in mysql-binuuid-rails version 1.1.0 and earlier. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...

9.8CVSS9.8AI score0.01789EPSS
Exploits1References1
Veracode
Veracode
added 2018/10/25 12:58 a.m.20 views

SQL Injection

mysql-binuuid-rails is vulnerable to SQL injection. The vulnerability exists due to the lack of sanitization of user input data, allowing the arbitrary SQL commands to be injected via the UUID parameter...

9.8CVSS9.8AI score0.01789EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2018/10/24 9:29 p.m.14 views

Sql injection

mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it removes default string escaping for affected database columns...

7.5CVSS9.9AI score0.01789EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2018/10/24 9:29 p.m.20 views

CVE-2018-18476

mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it removes default string escaping for affected database columns...

9.8CVSS10AI score0.01789EPSS
Exploits1References2
RubySec
RubySec
added 2018/10/19 12:0 a.m.27 views

mysql-binuuid-rails allows SQL Injection by removing default string escaping

mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it removes default string escaping for affected database columns. ActiveRecord does not explicitly escape the Binary data type Type::Binary::Data for mysql. mysql-binuuid-rails uses a data type that is derived from the base Binary...

9.8CVSS2.2AI score0.01789EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder