5 matches found
mysql-binuuid-rails SQL Injection Vulnerability
mysql-binuuid-rails is a tool that stores UUIDs in binary MySQL database columns. A SQL injection vulnerability exists in mysql-binuuid-rails version 1.1.0 and earlier. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...
SQL Injection
mysql-binuuid-rails is vulnerable to SQL injection. The vulnerability exists due to the lack of sanitization of user input data, allowing the arbitrary SQL commands to be injected via the UUID parameter...
Sql injection
mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it removes default string escaping for affected database columns...
CVE-2018-18476
mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it removes default string escaping for affected database columns...
mysql-binuuid-rails allows SQL Injection by removing default string escaping
mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it removes default string escaping for affected database columns. ActiveRecord does not explicitly escape the Binary data type Type::Binary::Data for mysql. mysql-binuuid-rails uses a data type that is derived from the base Binary...