16 matches found
EUVD-2022-1812
Malicious code in bioql PyPI...
CVE-2022-29498
Blazer before 2.6.0 allows SQL Injection. In certain circumstances, an attacker could get a user to run a query they would not have normally run...
Blazer SQL Injection Vulnerability
Blazer is a tool that allows SQL queries to be executed against a database from a web panel. A SQL injection vulnerability exists in versions of Blazer prior to 2.6.0, which stems from the application's lack of validation of externally entered SQL statements. An attacker could exploit this vulnerabili...
SQL Injection
blazer is vulnerable to SQL injection attacks. The library does not properly sanitize user input, which allows an attacker to inject malicious SQL queries and modify system data...
SQL injection in blazer
Blazer before 2.6.0 allows SQL Injection. In certain circumstances, an attacker could get a user to run a query they would not have normally run...
GHSA-QF9Q-Q4HH-QPH3 SQL injection in blazer
Blazer before 2.6.0 allows SQL Injection. In certain circumstances, an attacker could get a user to run a query they would not have normally run...
SQL Injection
Overview: blazer allows you to explore your data with SQL. Easily create charts and dashboards, and share them with your team. Affected versions of this package are vulnerable to SQL Injection by allowing specific variable values to modify the query rather than just the variable. This can...
CVE-2022-29498
Blazer before 2.6.0 allows SQL Injection. In certain circumstances, an attacker could get a user to run a query they would not have normally run...
CVE-2022-29498
Blazer before 2.6.0 allows SQL Injection. In certain circumstances, an attacker could get a user to run a query they would not have normally run...
CVE-2022-29498
Blazer before 2.6.0 allows SQL Injection. In certain circumstances, an attacker could get a user to run a query they would not have normally run...
SQL injection
Blazer before 2.6.0 allows SQL Injection. In certain circumstances, an attacker could get a user to run a query they would not have normally run...
CVE-2022-29498
CVE-2022-29498 relates to Blazer prior to version 2.6.0, where a SQL injection vulnerability exists due to lack of validation of externally entered SQL statements. In affected setups, an attacker could convince a user to run a query they would not normally execute, potentially modifying data if t...
CVE-2022-29498
Blazer before 2.6.0 allows SQL Injection. In certain circumstances, an attacker could get a user to run a query they would not have normally run...
Blazer SQL injection vulnerability
Blazer is a tool that allows SQL queries to be executed against a database from a web panel. A SQL injection vulnerability exists in versions of Blazer prior to 2.6.0, which stems from the application's lack of validation of externally entered SQL statements. An attacker could exploit this vulnerabili...
SQL injection for certain queries with variables
For some queries, specific variable values can modify the query rather than just the variable. This can occur if: 1. the query's data source uses different escaping than the Rails database, OR 2. the query has a variable inside a string literal. Since Blazer is designed to run arbitrary queries, th...
remote DOS on Wyse thin client 1125SE
Synopsis: Wyse Winterm 1125SE Remote DOS. Product: Wyse Winterm 1125SE http://www.wyse.com/products/winterm/1125se/index.htm Version: Confirmed on Firmware 4.2.09f, 4.4.061f latest Author: Josh Zlatin-Amishav Date: August 10, 2005 Background: The Winterm 1125SE is a thin client which runs the Wys...